Honeypots mailing list archives
Re: Know Your Enemy: Learning with VMware
From: tycho () fruru com
Date: Tue, 28 Jan 2003 00:04:31 +0100 (CET)
On Mon, 27 Jan 2003, Alexandre Dulaunoy wrote:
On Mon, 27 Jan 2003, Lance Spitzner wrote:Solaris, and OpenBSD. The Honeynet Project has found VMware to be a very powerful solution for development and testing of Honeynet technologies.Yes, this is a powerful solution but this is still not Free (as in Freedom ;-). Another point is the fingerprint of the VMware hardware. How do you solve that issue ? Is it a way to do change the hardware description in VMware ?
AFAIK apart from editing in the vmware binary, there is no way to make eg. the disks report something less obvious as model identification. Joy :-) I guess it all depends up to what level you want to give people a "real"-feeling system to hack/crack. And with more and more real webhosting businesses starting to offer UML and/or VMWare'd "machines" to their clients I think that VMware/UML honeypots will gain in importance and will more easily be accepted by blackhats. But I would love to hear your feedback on this.
PS : Is there some other honeynet running with plex/bochs ?
Do you have too much spare processing power ? :-) Cheers, Tycho
Current thread:
- Know Your Enemy: Learning with VMware Lance Spitzner (Jan 27)
- Re: Know Your Enemy: Learning with VMware Alexandre Dulaunoy (Jan 27)
- Re: Know Your Enemy: Learning with VMware tycho (Jan 27)
- Re: Know Your Enemy: Learning with VMware Bill McCarty (Jan 27)
- Re: Know Your Enemy: Learning with VMware Jeremy Bennett (Jan 27)
- Re: Know Your Enemy: Learning with VMware Bill McCarty (Jan 28)
- Re: Know Your Enemy: Learning with VMware Lance Spitzner (Jan 29)
- Re: Know Your Enemy: Learning with VMware Alexandre Dulaunoy (Jan 27)
- Re: Know Your Enemy: Learning with VMware Adam H . Pendleton (Jan 27)