|
-
July 8th, 2008, 07:17 AM
#1
Member
capturing virus/botnet with honeypot...
I've decided to setup a honeypot to capture viruses/botnet to reverse engineer them and getting to know how the work, where they come from etc...for that I setup nepenthes running on ubuntu virtual machine, and I opened a hole on my firewall to that machine, pretty much redirecting all traffic that hits the firewall to the virtual box, in less than 3 hours I started to get hit with what appears to be botnet for DDos from ip address in China, but nepenthes sends the virus to a website for analysis, and the virus is no where to be found in the system.....instead I want to be able to capture and analyze them myself...does anyone know a better way to accomplish this?
Thanks in advance
Similar Threads
-
By Soda_Popinsky in forum The Security Tutorials Forum
Replies: 1
Last Post: November 12th, 2008, 10:42 PM
-
By Soda_Popinsky in forum The Security Tutorials Forum
Replies: 18
Last Post: December 6th, 2005, 10:18 AM
-
By alphabetarian in forum The Security Tutorials Forum
Replies: 8
Last Post: December 5th, 2005, 04:44 AM
-
By Soda_Popinsky in forum The Security Tutorials Forum
Replies: 7
Last Post: August 2nd, 2005, 04:39 PM
-
By sweet_angel in forum Firewall & Honeypot Discussions
Replies: 9
Last Post: January 23rd, 2003, 10:30 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote