-
September 13th, 2004, 11:18 PM
#1
Junior Member
info on hacking competitions
i'm such a n00b, but what are the names of the computers/competitions when people have put a computer on the internet to get hacked, win points, no DDOS/DOS, etc........they are not called warpots, and I have seen posts on here about them. FOR the life of me, I can't remember what they are called..........thankx in advance
-
September 13th, 2004, 11:25 PM
#2
Welcome,
They are called "wargames", you are confusing them with "honeypots" which are used to trap hackers. Or at leatst find out what they are getting up to.
-
September 13th, 2004, 11:30 PM
#3
i have always wondered the mystery about honeypots ...like how they are used, when they are used, why they are used
work it harder, make it better, do it faster, makes us stronger
-
September 13th, 2004, 11:37 PM
#4
The mystery? IMO they work similiar to that of a firewall IMO. However in a different preset, like routers and hardware firewall's. You should look up the subject "Honeypot's" and learn about it, quite interesting if your into security.
-
September 14th, 2004, 12:49 AM
#5
IMO they work similiar to that of a firewall IMO.
Ummm...
Not really? They usually work w/o a firewall unless the firewall is being monitored for penetration as well? Remember, the point of a honeypot is to be victimized by a zeroday and be able to monitor it, so it would have a firewall blocking outbound connections but not inbound allow a zeroday to be received but to prevent that zeroday from jumping elsewhere? Honeypots and firewalls, big difference?
[offtopicdontrespond]COLLEGIATE DODGEBALL STARTS TODAY[/offtopicdontrespond]
-
September 14th, 2004, 01:32 AM
#6
When death sleeps it dreams of you...
-
September 14th, 2004, 02:31 AM
#7
Soda_Popinsky: My main point was that they can work together to stop/detect/moniter an enemy.
-
September 14th, 2004, 03:20 AM
#8
Spyder, I suppose your right to a certain extent, but you wouldn't use the firewall to block very many ports. I suppose the only reason you would use a firewall with a honeypot is the intrusion notification or something of that sort, you might block certain ports that some worms attack, after all, you don't want your honeypot destroyed. Other then those reasons, a firewall doesn't serve much more of a purpose. Remember, the whole purpose for a honeypot is to let the intruder in and monitor...
-
September 14th, 2004, 03:48 AM
#9
Originally posted here by Soda_Popinsky
Ummm...
Not really? They usually work w/o a firewall unless the firewall is being monitored for penetration as well? Remember, the point of a honeypot is to be victimized by a zeroday and be able to monitor it, so it would have a firewall blocking outbound connections but not inbound allow a zeroday to be received but to prevent that zeroday from jumping elsewhere? Honeypots and firewalls, big difference?
[offtopicdontrespond]COLLEGIATE DODGEBALL STARTS TODAY[/offtopicdontrespond]
It wouldn't work if you blocked all outgoing... Think simple ICMP... 3 way handshake.. The sender has to get his response back or he will never know he has any control...
IMO if you are running a honeypot you throw a very good logger of some sort, a sniffer on a box before the honeypot that is invisible would be ideal, you could tell everything they did with nothing on the pot itself... Firewalls make a honeypot harder to get in to... Which destroys the entire point of the honeypot. Right?
[H]ard|OCP <--Best hardware/gaming news out there--|
pwned.nl <--Gamers will love this one --|
Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
-
September 14th, 2004, 05:41 AM
#10
It wouldn't work if you blocked all outgoing... Think simple ICMP... 3 way handshake.. The sender has to get his response back or he will never know he has any control...
Doesn't work like that. Connections initiated from the outside will be able to get to the server, connections initiated from the inside will get blocked. AFAIK, it's common practice to block all outgoing connections on some webservers. SSH would work incoming, telnet, whatever. But if the attacker used the box to jump to another, they wouldn't be able to make any connections out.
Proof:
http://www.google.com/search?num=100...ll+outgoing%22
First few links.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|