Printable View
Errrr, correct me if i am wrong. I think honeypot is a concept. You can use some program to make your linux box looks like running IIS etc (to the hacker) and log down all his activity. So that you can use the log to track him down/ use that as evident. You can also do that with a actual IIS server etc..... The ways are many. But conceptually they are all honeypots.
Your right... I was thinking correctly. I knew that, I just forgot. Damn homework screwed up my brain!Quote:
Originally posted here by Soda_Popinsky
Doesn't work like that. Connections initiated from the outside will be able to get to the server, connections initiated from the inside will get blocked. AFAIK, it's common practice to block all outgoing connections on some webservers. SSH would work incoming, telnet, whatever. But if the attacker used the box to jump to another, they wouldn't be able to make any connections out.
Proof:
http://www.google.com/search?num=100...ll+outgoing%22
First few links.
No, most honeypots are not like that... You almost always use an ACTUAL IIS server as an IIS honeypot...Quote:
Errrr, correct me if i am wrong. I think honeypot is a concept. You can use some program to make your linux box looks like running IIS etc (to the hacker) and log down all his activity. So that you can use the log to track him down/ use that as evident. You can also do that with a actual IIS server etc..... The ways are many. But conceptually they are all honeypots.
No a honeypot is a real bit of kit, not a concept. It is set up for the purpose of investigating internet traffic and hacking activity etc.Quote:
Errrr, correct me if i am wrong. I think honeypot is a concept.
I think you are confusing the difference between a PRODUCTION system and a TEST system. The honeypot is a test system which you usually disguise as a production system to obtain and hold the interest of hackers.
You do not use your honeypot for your daily business, and you do not use your daily business machines as a honeypot :eek:
I think you will understand my point if you consider that a honeypot is a system that is deliberately set up weak and with vulnerabilities in order to provoke attacks, which you then analyse. If you set the honeypot up like your production system then it wouldn't work I SINCERELY HOPE :eek: :D
Hope that helps
You guys are making this much harder than it is. Let's not worry about if it is a concept or if it is an actual program. Look at the name itself, and keep things simple:
Honey pot: A pot of honey used to lure bears into a trap
Absolutely right, Pooh --
A honeypot is a simple concept, but only so much as 'programming' is a simple concept, or 'security' is a simple concept. A honeypot is a tool used to achieve a specific business objective -- draw traffic in so that it can be monitored. And it's definitely not something most people want to truck with unless you are actually a security consultant.
Now wargames, that's just plain fun. My personal recommendation is Hackquest.com, since the challenges are varied and pretty much geared toward the programmer-type.
rijilv:
If you are interested in wargames there is a really good one at
http://www.fallenroot.net
bleh **** the honeynet project and **** honeypots bleh
And if your want a wargame telnet://drill.hackerslab.org
This is a fake wargame, and won't help at all in reality. It relies on you discovering programs that are everyday programs but are also modified from their origonal code. For example, maybe man uses a root call in it, and thus you could exploit that man command since it is running as root even though you are not.Quote:
What in the hell? So they don't want you to actually penetrate the system, they want you to use files and commands they've modified to gain higher and higher access? That's like holding a "who can build a better car" by giving everyone prebuilt parts.
Not to mention that even though you could use the "but it could immiate a rootkit program", it still isn't reality. Have fun playing hide and go seek with hackerslab, but take it's real-world usage with as much confidence as the movie "Hackers".
pooh: actually the game goes in diffrent levels ranging from your silly **** at the start to race conditions bufferoverflows heap overflows and formatstrings there is even a level you need to send a specially crafted packet with the password and user name i think ( its been a while ) and the drill server will send you the pass back and no one says you cant try and break root but last time i checked the only suid root file was a sendmail binary and i cant be assed logging in to the server and running the find command
peace
anybody want to trade....
ill send a gmail invite in exchange for the isp address of the head of the security (malaysia)
plz send me the address asp so that i can use my intelligence network and crack into it right away
thanking you
shahid