Useful Links @eHugin

Quick Links
Security @eHugin	Port Scan List	RFCs (Network Standards)
	Useful Links	Trojan Zoo
Quick Links

Other Security Sites

Not sure what somebody's probing for? Just generally curious about security? Not a geek, but suffering from insomnia? :-) Take a browse through some of these sites:

Robert Graham's "Firewalls: What am I seeing" FAQ
ISS X-Force Security Center
SecuriTeam Exploit Archives
Security Focus
CERT (Computer Emergency Response Team)
Lance Spitz's Security Whitepapers

Hunting the Elusive Scanmeister

Places to find information about that odd IP address that's seems ever so interested in probing your ports...

ARIN whois database (North/South America, Caribbean, sub-Saharan Africa)
RIPE whois database (Europe)
APNIC whois database (Asia/Pacific IPs)
SpamCop's Host Tracker
Abuse.Net's Contact Database

For those on Unix systems, you can skip the web interface for several of these and use the "whois" command:

    whois aaa.bbb.ccc.ddd@whois.arin.net
    whois aaa.bbb.ccc.ddd@whois.ripe.net
    whois aaa.bbb.ccc.ddd@whois.apnic.net

(where aaa.bbb.ccc.ddd is the numeric IP address)

Similarly, you can access Abuse.Net's database using:

    whois foo.bar.com@whois.abuse.net

(where foo.bar.com is the full name of the offending site)