Honeypots mailing list archives
RE: All SOTM and a REAL honeypot for windows
From: "Miguel Cebrian" <mcebrian () reyes-infografica com>
Date: Mon, 31 Mar 2003 10:57:40 +0200
Hi Udi, AS for the SOTM downloads, I recomend you TeleportPro, that will crawl the site and download everithing. You can download the achived sotms in http://www.honeynet.org/misc/chall.html . As well I think you will find Lance's book, Honeypots traking hackers, very usefull. http://www.tracking-hackers.com/book/ -----Original Message----- From: Udi Dahan [mailto:udi () co zahav net il] Sent: domingo, 30 marzo, 2003 4:35 To: honeypots () securityfocus com Subject: All SOTM and a REAL honeypot for windows Hi, I'm working as a security manager for the biggest ISP in Israel and I'm also new to the honeynet project and the SOTM issue but I must say The moment I found it, I can't let it go. I've already went through all SOTM's and started to create my own CD Including most of the tools used. - (the CD will be available to anyone interested soon) I have two questions: 1. Is there a simple way to download all information regarding sotm's from the first one to the last including all files, answers etc and saving the time to go link by link and download it manually ? I think it will be a good idea to include those files on that CD. 2. I want to setup a honeypot/honeynet on our network (ISP), however our network is based on Microsoft servers and we have a very little (if any) knowledge of *nix systems. I've found a few honeypots for windows but I must say the are not as one might think. if anyone knows of a good setup including creating a virtual network, snort and lots of services monitored, I'll be glad to know about it in order to create one of my own. P.s I have no bandwidth problem and I will be glad to help the honeynet project any way I can any help everyone to learn and understand some more about security. Udi Dahan Security Manager Internet Gold - ISP eMail: udi () co zahav net il Tel: 03-9399781 Cel:055-399781 Fax: 057-974852 <----------------------------------------------------------------------- -------------------------------------> This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify us at 972-(0)3-9399781 and permanently delete the original and any copy of any e-mail and any printout thereof. ------------------------------------------------------------------------ --------------------------------------->
Current thread:
- All SOTM and a REAL honeypot for windows Udi Dahan (Mar 30)
- RE: All SOTM and a REAL honeypot for windows Miguel Cebrian (Mar 31)