Since we have this endless supply of Cobalt RaQs [1] at The Office, I used one to set up a LaBrea Tarpit system [2]. Playing around with it I noticed that LaBrea doesn't stop port scans per se, since port scanners tend to do the TCP (Transmission Control Protocol) handshake then drop the connection, whereas LeBrea will put a connection on hold indefinitely (assuming the other side keeps the connection up). It will also (as I ran it) accept connections on every single TCP port, all 65,536 of them, which is something that doesn't happen on a real server, so I may have to limit the number of ports LaBrea responds to.