RE: All SOTM and a REAL honeypot for windows

["Miguel Cebrian" <mcebrian () reyes-infografica com>]

Hi Udi,

AS for the SOTM downloads, I recomend you TeleportPro, that will crawl the
site and download everithing. You can download the achived sotms in
http://www.honeynet.org/misc/chall.html .

As well I think you will find Lance's book, Honeypots traking hackers, very
usefull.
http://www.tracking-hackers.com/book/


-----Original Message-----
From: Udi Dahan [mailto:udi () co zahav net il]
Sent: domingo, 30 marzo, 2003 4:35
To: honeypots () securityfocus com
Subject: All SOTM and a REAL honeypot for windows


Hi,

I'm working as a security manager for the biggest ISP in Israel and
I'm also new to the honeynet project and the SOTM issue but I must say
The moment I found it, I can't let it go.

I've already went through all SOTM's and started to create my own CD
Including most of the tools used. - (the CD will be available to anyone
interested soon)

I have two questions:

1. Is there a simple way to download all information regarding sotm's
from the first one to the last
        including all files, answers etc and saving the time to go link
by link and download it manually ?
        I think it will be a good idea to include those files on that
CD.

2. I want to setup a honeypot/honeynet on our network (ISP), however our
network is based on
        Microsoft servers and we have a very little (if any) knowledge
of *nix systems.
        I've found a few honeypots for windows but I must say the are
not as one might think.
        if anyone knows of a good setup including creating a virtual
network, snort and lots of services
        monitored, I'll be glad to know about it in order to create one
of my own.

P.s I have no bandwidth problem and I will be glad to help the honeynet
project any way I can
        any help everyone to learn and understand some more about
security.



Udi Dahan
Security Manager
Internet Gold - ISP
eMail: udi () co zahav net il
Tel: 03-9399781
Cel:055-399781
Fax: 057-974852

<-----------------------------------------------------------------------
------------------------------------->
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged and/or
confidential information. If you are not the intended recipient of this
e-mail, you are hereby notified that any dissemination, distribution or
copying of this e-mail, and any attachments thereto, is strictly
prohibited. If you have received this e-mail in error, please
immediately notify us at 972-(0)3-9399781 and permanently delete the
original and any copy of any e-mail and any printout thereof.
------------------------------------------------------------------------
--------------------------------------->