info on hacking competitions

[rijilv]

i'm such a n00b, but what are the names of the computers/competitions when people have put a computer on the internet to get hacked, win points, no DDOS/DOS, etc........they are not called warpots, and I have seen posts on here about them. FOR the life of me, I can't remember what they are called..........thankx in advance

[nihil]

Welcome,

They are called "wargames", you are confusing them with "honeypots" which are used to trap hackers. Or at leatst find out what they are getting up to.

[hexadecimal]

i have always wondered the mystery about honeypots ...like how they are used, when they are used, why they are used

[Spyder32]

The mystery? IMO they work similiar to that of a firewall IMO. However in a different preset, like routers and hardware firewall's. You should look up the subject "Honeypot's" and learn about it, quite interesting if your into security.

[Soda_Popinsky]

IMO they work similiar to that of a firewall IMO.

Ummm...

Not really? They usually work w/o a firewall unless the firewall is being monitored for penetration as well? Remember, the point of a honeypot is to be victimized by a zeroday and be able to monitor it, so it would have a firewall blocking outbound connections but not inbound allow a zeroday to be received but to prevent that zeroday from jumping elsewhere? Honeypots and firewalls, big difference?

[offtopicdontrespond]COLLEGIATE DODGEBALL STARTS TODAY[/offtopicdontrespond]

[muert0]

Back on topic:
http://www.antionline.com/showthread...647#post787145

[Spyder32]

Soda_Popinsky: My main point was that they can work together to stop/detect/moniter an enemy.

[The Duck]

Spyder, I suppose your right to a certain extent, but you wouldn't use the firewall to block very many ports. I suppose the only reason you would use a firewall with a honeypot is the intrusion notification or something of that sort, you might block certain ports that some worms attack, after all, you don't want your honeypot destroyed. Other then those reasons, a firewall doesn't serve much more of a purpose. Remember, the whole purpose for a honeypot is to let the intruder in and monitor...

[The Grunt]

Originally posted here by Soda_Popinsky
Ummm...

Not really? They usually work w/o a firewall unless the firewall is being monitored for penetration as well? Remember, the point of a honeypot is to be victimized by a zeroday and be able to monitor it, so it would have a firewall blocking outbound connections but not inbound allow a zeroday to be received but to prevent that zeroday from jumping elsewhere? Honeypots and firewalls, big difference?

[offtopicdontrespond]COLLEGIATE DODGEBALL STARTS TODAY[/offtopicdontrespond]

It wouldn't work if you blocked all outgoing... Think simple ICMP... 3 way handshake.. The sender has to get his response back or he will never know he has any control...

IMO if you are running a honeypot you throw a very good logger of some sort, a sniffer on a box before the honeypot that is invisible would be ideal, you could tell everything they did with nothing on the pot itself... Firewalls make a honeypot harder to get in to... Which destroys the entire point of the honeypot. Right?

[Soda_Popinsky]

It wouldn't work if you blocked all outgoing... Think simple ICMP... 3 way handshake.. The sender has to get his response back or he will never know he has any control...

Doesn't work like that. Connections initiated from the outside will be able to get to the server, connections initiated from the inside will get blocked. AFAIK, it's common practice to block all outgoing connections on some webservers. SSH would work incoming, telnet, whatever. But if the attacker used the box to jump to another, they wouldn't be able to make any connections out.

Proof:
http://www.google.com/search?num=100...ll+outgoing%22

First few links.