Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea
Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea (The "Sticky" Honeypot and IDS)
A network Tarpit, sometimes know by the German word Teergrube, is a service or set of hosts that deliberately try to slow malicious network connections down to a crawl. The idea is to put up unused hosts or services on the network that respond to an attacker, but do things to waste their time and greatly slow their scanning (or spreading in the case of Worms). For this video Iíll be using a package called LaBrea by Tom Liston and tarpitting unused IP addresses on my home LAN.