-
March 15th, 2004, 01:38 AM
#11
Probably because few people use honeypots or have one.
-
March 15th, 2004, 03:08 AM
#12
Senior Member
good point. but wouldnt they have spotted it in the forum menu thing??
-
March 15th, 2004, 10:46 AM
#13
Even if someone does notice this forum, doesn't mean that they will use it.
-
March 16th, 2004, 12:10 AM
#14
Senior Member
but would they get interested and try to find stuff out about honeypots?
-
March 16th, 2004, 12:24 AM
#15
Sure. Just because a forum doesn't have 10,000 posts doesn't mean people aren't reading it. The reality is that honeypot usage is still a relatively new thing and I suspect that many either don't have the time or patience to setup up a good honeypot and ensure a limited risk factor. That's life.
There are lots of resources out there for honeypots but I still say the best is http://project.honeynet.org. (whoops! Fixed! )
-
March 16th, 2004, 12:34 AM
#16
Senior Member
-
March 16th, 2004, 10:46 AM
#17
I experimented with a honeypot called KFSensor from keyfocus http://www.keyfocus.net/kfsensor/
Though I am not very familiar with honeypots nor have I played with KFSensor enough to give a report, I will say it was fun watching the connections come in and the commands that were typed. KFSensor is comercial, a trial is available.
-
March 17th, 2004, 12:06 PM
#18
I just found a honeypot (directed from another website): http://www.security-corporation.com/trapserver.html
Looks interesting and it's FREE! (gotta love that 4 letter word). So those of you in Windows might want to try it.
-
March 20th, 2004, 01:26 AM
#19
Junior Member
Originally posted here by journy101
Though I am not very familiar with honeypots nor have I played with KFSensor enough to give a report, I will say it was fun watching the connections come in and the commands that were typed. KFSensor is comercial, a trial is available. [/B]
I use kfsensor. I agree on the watching connections bit. Mostly it runs as a spam trap and that isnt wildly interesting.
I caught someone trying to send fake aol billing messages from a russian ISP once, and another person trying to exploit yahoo pager. I keep hoping I might catch something from these new trojans but without a proper simulator behind the ports there isnt much hope I think.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|