hello friends...
i just wanted to ask u all .. what exactly is honey pots and .. i mean just i am very new to this thing... will anybody tell me what is it and wheather it is dangerous or helpful .. andin what way...
thanks .
intruder...
Printable View
hello friends...
i just wanted to ask u all .. what exactly is honey pots and .. i mean just i am very new to this thing... will anybody tell me what is it and wheather it is dangerous or helpful .. andin what way...
thanks .
intruder...
mmmmmmm...honey pots :)
nah, sorry - I got no idea. But I would also like to find out cos I've seen the term floating around here and there. But I recall something about it having to do with acting as other systems or something - but I got no idea. I should look it up, but I gotta go sleep. :(
Greg
For as far as I remember what it exactly is, a honeypot is a computer/server that is meant to attract eventual hackers. The machine itself is of no real importance to the rest of the network, but it should look as if it's an important server. I believ ppl would run software on a honeypot to trace the hacker, thus the hacker could be identified.
As I said before, it's just what I think I remember 'bout it. I'm no expert on the field either.
Grtz,
sparkant.
Honeypots, to my knowledge is a project where people (securit experts or just enthusist) setup servers, and release them on the net waiting for hackers to do their stuff on them. They are used as a research kind of server, seeing what a hacker does, so they can learn what exactly hackers do. Did that make sense?
There´s another one.. think it´s called a tarpit(?) Anyone who knows what that is?
good link to info on Honeypots & Honeynets can be found here
;)
J.
Greetz,
From what I've learned (not all that much, but it's more than I started with...) a honeypot is a certain type of program that will often mimic a Trojan Horse-type server. I've got a few honeypots that mimic Back Orifice and also Sub7. If you're interested in these, just email me and I'll hook you up :)
I hope this little tidbit of info has helped.
God bless,
--PhirePhreak
<editing>
LOL... in my original post, I forgot the most important part. A honeypot, used in conjunction with a firewall, will create a very secure system (at least on that port) and often frustrate the would-be-kiddiot with interesting messages. It makes them think that they have perfect control, until they try a certain command, when it will send them a message (often customizable) such as "Not as l33t as you thought, eh?"
</edit>
Honeynet, honeypot and tarpit's are briefly a system meant to attract the hackers attention.
This system shall be 100% secured but look like a badly configured system. During a attack the system shall log and analyse as much as possible so that the administrator can learn where possible threats can be found and ofcourse also be noticed in time that the system are under attack.
There are lots of more things to tell about these kind of "traps" but I'll leave it for the pro's who probably can tell it better then me :).
hmm, my understanding differs slightly...
Honeynet's & Honeypots are 'secured' systems (& networks), not advertised that look like 'real' set-up's, the difference is that there is hidden logging taking place (full realtime IDS etc), their aim is to observe hack attempts and try and spot new techniques and trends.
Honeypots and honeynets can be a single machine or multiples on the same network.
Tarpits are just sticky traps that prolong any probe by sending increasingly delayed packets in order to slow down any attack attempts (particularly on unused IP's)
;)
J.
for the best imformation on honeypots, go to the honeynet project page
http://project.honeynet.org
Pooh-Bear,
Since honeypots have already been discussed you can obviously see that. But what a tarpit is, is a software utility that mimiks machines on your network. It will create new, replicate, ect, machines within your IP block. A tarpit is used to slow down scans and DoS attacks. Since the fake computers are not there, every ping, ip scan, ect, sent there way will take the maximum ammount of time to time-out. This will cause any type of scan for trojans, open ports, or even dos attacks to target sometimes thousands of computers that do not exist. Which will in turn slow down the attack substantially allowing you to recover quicker, and safe-gaurd you system with less of a loss to you.
A very good tarpit that I have used before on my computer network is LaBrea. Available for download at www.HackBusters.net
A more detailed explanation is also available at that link.