This weekend some asshole decided to scan and probe my ISA Server at home. For those of you who do not know what ISA Server is, it's Microsofts enterprise firewall. So I scanned back and got some really strang results. Sorry about the one pic being a double post I'm not awake.
You do not have the required permissions to view the files attached to this post.
Did you file an abuse report with the ISP of that machine?
no i didn't it usually dosen't bother me if someone scans me they aren't going to penetrate my Fort Knox setup anyhow unless they are from some unamed orginaztion (also I have nothing of value on my machine)you get the picture. I have never seen a honeypot before so it was interesting.
Honeypots typically are set up on a per port basis, such as setting one up on http (tcp80). The pots are designed to reply back with specific strings so that you can capture the attack data as it comes in, you really don't use all those ports since that would be a huge red flag. If I was going after a machine that returned that many ports I'd back off a bit to figure out wtf is up with it.