One of the most obscure RSS feeds I subscribed to is simply called "portscans". When we redesigned the website for the Chaos Computer Club Cologne, a local chapter of the Chaos Computer Club, we had several ideas: Since we had to move to a new server, we had the chance to redo the whole design, but we also wanted to play with some new technology like XML and XSLT. We eventually converted all the old pages to XML and wrote XSLT code to render nice HTML from them. We also wrote our own XSLT handler in distributed Ruby in order to cache pages so they don't have to be transformed with a XSLT processor running as a separate process every time a web page is accessed.
But the joy didn't stop here. Someone (I won't tell you the name, so don't ask) came up with the idea of restricting access to our server with firewall rules and port filtering. Not a very hackish approach! After all, portscanning is a perfectly legal way to find out about other hosts on the Internet, it's good, clean fun, nothing hackers should be afraid of.
We soon found a better way to deal with portscans: Gathering information on who scanned us with an IDS, we turn the data into an RSS feed that we publish in a box on our homepage. Now you can get up to date information on who thought it would be funny to portscan the webserver of a hackers club right from your favourite RSS reader. Enjoy.
Posted by jens at August 2, 2003 12:37 AM