An analysis of TCP Port 0 traffic and net BIOS SMB spam advertisement incidents within a set of honeypots / Emran Mohd Tamil and Abdul Hamid Othman
In early 2004, 5 sets of honeypots were deployed sequentially to gather data on threats that exist on a normal DSL internet connection. Other than the main finding that normal DSL users are susceptible to random online attack, the research has also observed several kinds of abnormalities and interest...
| Main Authors: | Emran Mohd Tamil, Abdul Hamid Othman |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Universiti Teknologi MARA Cawangan Pahang 2006 |
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/35555/ |
| _version_ | 1848808820651851776 |
|---|---|
| author | Mohd Tamil, Emran; Othman, Abdul Hamid |
| author_sort | Mohd Tamil, Emran |
| building | UiTM Institutional Repository |
| collection | Online Access |
| description | In early 2004, 5 sets of honeypots were deployed sequentially to gather data on threats that exist on a normal DSL internet connection. Other than the main finding that normal DSL users are susceptible to random online attack, the research has also observed several kinds of abnormalities and interesting network traffic such as port zero TCP traffic and Net BIOS SMB spam pop-up advertisement network traffic. Traffic to or from port zero is not valid under normal circumstances as there is no such port zero. As these packets are very possibly crafted, it is an indicator of unauthorised network use, reconnaissance activities or system compromise. Some of the honeypots also experienced pop-up messages with advertisements. The pop-up advertisement messages were the results of spamming activities that exploit the Net BIOS messaging protocol. This paper analysed both the TCP port zero traffic and Net BIOS SMB spam advertisement pop-up network traffic which were experienced by the honeypots deployed. |
| first_indexed | 2025-11-14T23:04:48Z |
| format | Article |
| id | uitm-35555 |
| institution | Universiti Teknologi MARA |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-14T23:04:48Z |
| publishDate | 2006 |
| publisher | Universiti Teknologi MARA Cawangan Pahang |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | uitm-35555 2022-03-27T06:43:40Z https://ir.uitm.edu.my/id/eprint/35555/ An analysis of TCP Port 0 traffic and net BIOS SMB spam advertisement incidents within a set of honeypots / Emran Mohd Tamil and Abdul Hamid Othman gading Mohd Tamil, Emran; Othman, Abdul Hamid Computer networks. General works. Traffic monitoring TCP/IP (Computer network protocol) In early 2004, 5 sets of honeypots were deployed sequentially to gather data on threats that exist on a normal DSL internet connection. Other than the main finding that normal DSL users are susceptible to random online attack, the research has also observed several kinds of abnormalities and interesting network traffic such as port zero TCP traffic and Net BIOS SMB spam pop-up advertisement network traffic. Traffic to or from port zero is not valid under normal circumstances as there is no such port zero. As these packets are very possibly crafted, it is an indicator of unauthorised network use, reconnaissance activities or system compromise. Some of the honeypots also experienced pop-up messages with advertisements. The pop-up advertisement messages were the results of spamming activities that exploit the Net BIOS messaging protocol. This paper analysed both the TCP port zero traffic and Net BIOS SMB spam advertisement pop-up network traffic which were experienced by the honeypots deployed. Universiti Teknologi MARA Cawangan Pahang 2006 Article PeerReviewed text en https://ir.uitm.edu.my/id/eprint/35555/1/35555.PDF Mohd Tamil, Emran and Othman, Abdul Hamid (2006) An analysis of TCP Port 0 traffic and net BIOS SMB spam advertisement incidents within a set of honeypots / Emran Mohd Tamil and Abdul Hamid Othman. (2006) Jurnal Gading UiTM Pahang <https://ir.uitm.edu.my/view/publication/Jurnal_Gading_UiTM_Pahang.html>, 10 (1). pp. 15-27. ISSN 0128-5599 |
| spellingShingle | Computer networks. General works. Traffic monitoring TCP/IP (Computer network protocol) Mohd Tamil, Emran Othman, Abdul Hamid An analysis of TCP Port 0 traffic and net BIOS SMB spam advertisement incidents within a set of honeypots / Emran Mohd Tamil and Abdul Hamid Othman |
| title | An analysis of TCP Port 0 traffic and net BIOS SMB spam advertisement incidents within a set of honeypots / Emran Mohd Tamil and Abdul Hamid Othman |
| topic | Computer networks. General works. Traffic monitoring TCP/IP (Computer network protocol) |
| url | https://ir.uitm.edu.my/id/eprint/35555/ |