Im on a college network running xp pro, what honeypots would be good for me to use in AO's opinion?
Printable View
Im on a college network running xp pro, what honeypots would be good for me to use in AO's opinion?
Found an interesting article while looking for windows honeypots:
http://niels.xtdnet.nl/honeyd/msblast.html
This looks to be a good commercial honeypot for windows, although I didn't read the article, it may have gotten bad reviews: http://www.securityfocus.com/infocus/1683
Here's another good article with a few options and descriptions:
http://www.itsecurity.com/papers/cyberguard1.htm
edit
It also may be a good idea to have your honeypot on a separate computer. If you can find something with like 96 mb of ram you can get a copy of knoppix-std which I believe comes with honeyd. If you do this you could get a router with a firewall and just have a whole bunch of virtual servers pointing to your computer with knoppix-std with honeyd running. Then your windows machine would be relatively safe while your honeypot machine would be open to the hits.
Check out honeyd at:
http://www.citi.umich.edu/u/provos/honeyd/
http://www.tracking-hackers.com/solutions/ gives some honeypots, both free/open source and commercial ones.