Scan-Me.org
I shared a while back that I had decided to pick up two dedicated servers... rather than worrying about buying hardware and paying colo fees, I went with just paying fees... high fees, but fees none-the-less. I picked up one windows machine and one linux machine and I've been playing with them quite a bit.
One of the things I got to do was remember everything I learned in school and configure various services in a working "production" state. It's one thing to setup a piece of software to test against... it's another to configure it, and lock it down to a state you're comfortable with having online.
One of the things I decided to do was to pick up an extra IP and setup nepenthes listening. I decided to register the domain scan-me.org to attach to it. The domain may seem to obvious but I figure automatted tools looking at IP addresses or links to domains (required link for any bots to pick up).
I've had it listening for about a month with nepenthes 0.2.0. I attempted to upgrade to the latest svn version so that I could include the listener for MS08-067 but my first attempt went rather poorly and I ended up with nothing listening. I'm back to 0.2.0 for now, however I do plan to attempt another upgrade in the near future.
I'm hoping mentioning the domain here will increase the number of scans and quantity of traffic that it sees (anyone that wants to feel free to repost the address). As I've seen limited samples coming in so far, however those samples do make for some fun nights (I suppose I have an odd definition of fun).
Anyways... I just wanted to share that I had nepenthes running and get a blog post out with the domain mentioned. In the upcoming weeks I hope to post some write-ups related to the samples I'm seeing.