February 22nd, 2004, 04:59 PM
what honeypots are there?
i can't find any good honeypots w/ google.
February 22nd, 2004, 05:01 PM
Which OS would the honeypot go on? Check out HoneyNet Project has some good resources.
February 22nd, 2004, 05:02 PM
i want it to go on WinXP.
February 22nd, 2004, 05:06 PM
BackOfficer Friendly is a free but simple Windows honeypot. ManTrap by Symantec is a high-end, high cost. Alternatively, you could use something like VMWare to create a medium risk, medium-low cost honeypot.
I've found that on Windows there are few free options for honeypots and mostly high cost options from larger enterprises (Symantec, Computer Associates, etc.).
February 22nd, 2004, 05:15 PM
thanx 4 telling me about backOfficer Friendly
February 22nd, 2004, 05:22 PM
I just happen to have a copy of "Honeypots - Tracking Hackers" on the book shelf and after reading it, I would highly recommend that before you install software for setting up your own honeypot, that you do some studying.
Obviously I don't know your skill set, but better make sure yours is better than the folks you might want to lure in and catch in the honeypot.
Edit: Some links are also listed below the thread.
February 22nd, 2004, 05:58 PM
As Relyt said, pick up a copy of "Honeypots - Tracking Hackers". It's written by Lance Spitzner and is an excellent, excellent book. It's very informative, yet a relatively easy read at the same time. I did an independent study course last year on honeypots and that was the book I used as a text.
While Back Officer Friendly is pretty much the only free Windows honeypot I can think of, it's also incredibly lame. It's a low interaction honeypot, which means that all it does is throw up some open ports and then log whenever anyone connects to them. However, that's *all* it does...where as some low interaction honeypots will emulate a service. Another downside to BOF is that it doesn't take a brain surgeon to ID it. You can connect to it's wanna-be telnet port, type a login and password, but the password shows up as you type it. I've never telnetted into a box where that's happened. Quite honestly, I'd barely say that it was worth a look.
However, if you really want to get into some cool honeypots, use VMWare like Mittens said, but throw a Linux flavor on a virtual machine and then check into either Honeyd (my fav.), LaBrea, or the Deception Tool Kit. I'm pretty sure you may have to compile them from source, I know for a fact Honeyd you will, so you'll need to make sure you have a C compiler installed.
February 22nd, 2004, 07:00 PM
rule #1 DO NOT do this on your main, or a shared computer resource......only use a machine on which you are prepared to reformat and reinstall your OS.
Certainly don't do it on a school, college or work computer
Honeypots are not beginners' stuff, so make sure that you read up thoroughly
Good luck.............and be careful
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
March 14th, 2004, 10:19 PM
i like using the BackOfficer Friendly honeypot. thanx MsMittens.
March 15th, 2004, 01:25 AM
why aren't there many threads in this section?