Security Basics mailing list archives
Re: attack redirection
From: Ray Stirbei <me () highentropy org>
Date: Sun, 18 May 2003 14:28:22 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Forescout ( http://www.forescout.com/index.html) sells a product that works with commercial firewall and IPS vendors. It detects all kinds of scans and returns dummy server information. Then any traffic to these dummy servers can be filtered. You can replace the dummy server addresses with your honeypot(s). I agree this would be a great feature to snort and I have copied the snort-inline list. Best regards ray On Friday 16 May 2003 02:48 pm, Jon Baer wrote:
It would be nice to have an intelligent version of Snort to be able to do this :-) Im also interested in an answer, if you get it please pass along. Thanks. - Jon ----- Original Message ----- From: "Andrew Elmore" <andrew.elmore () cyber-south com> To: <security-basics () securityfocus com> Sent: Friday, May 16, 2003 7:38 AM Subject: attack redirection Hey guys, I'm looking for some program to redirect an attack on my web server to a honeypot. Maybe triggered by number of hits in a given time or by certain requests. Does such a thing exist? Where can I get it? Or would I have to write some kind of script? Thanks for your help. Andy --------------------------------------------------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics --------------------------------------------------------------------------- - --------------------------------------------------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics --------------------------------------------------------------------------- -
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+x9DGzejBliQ3SdsRAtjzAKDugolpgwe8l44CH0tfnE3YURjS/QCfQEyl Kdg7j0zoQ6Z0Z3WhNWezH5M= =UOcy -----END PGP SIGNATURE----- --------------------------------------------------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics ----------------------------------------------------------------------------
Current thread:
- attack redirection Andrew Elmore (May 16)
- Re: attack redirection Jon Baer (May 17)
- Re: attack redirection Ray Stirbei (May 19)
- Re: [Snort-inline-users] Re: attack redirection Lance Spitzner (May 19)
- Re: [Snort-inline-users] Re: attack redirection Jed Haile (May 19)
- Re: attack redirection Ray Stirbei (May 19)
- Re: attack redirection Jon Baer (May 17)
- Re: attack redirection Andy Cuff [talisker] (May 19)
- Re: attack redirection Daniel Cid (May 20)
- Re: attack redirection Daniel B. Cid (May 20)