Honeypots mailing list archives
Re: AW: Honey VS Vinegar
From: Adam Graham <agraham () datastreamcowboys net>
Date: Tue, 02 Nov 2004 08:18:22 -0600
I have been provoking attacks (usally in IRC) for years... when I mentioned this in another security related list a few years ago i got flamed so bad i still feel toasty... I have noticed (using a bit of psycology from the aid of my wife who is a phycologist and closet geek girl) that you can easily tell if you are going to get your basic 13 or 14 yr old script kiddie or someone a bit more skillful... but dont forget to check you hunnypot webserver logs for all those refers from google (thanks Johnny for google hacking).... sorry if it was a rant... but it's my 2 cents worth... On Tue, 2004-11-02 at 05:29, Stephan Riebach wrote:
Reading all your posts I wondered if aggressive tactics do really provoke new/interesting attacks. More precisely I wondered how far we should go?! I tested some tactic earlier by installing a P2P client on a honeypot and provoking attacks by "annoying" users. I created random data files with "dd" and converted them to the mp3 format using lame (http://lame.sourceforge.net/). I gave those fake files the names of famous Top20 songs and provided the files with my KazaaLite client. I also provided some real large faked files which I simply renamed as zip or rar archive, e.g. "Windows2000Prof.zip" . The honeypot was online for 6 weeks and many files were downloaded but really no new/unusual/special attack could be detected in this time. Just the well-known port 135 and 445 signatures. I also run a web server on this honeypot and I hoped to increase attacks with this "annoying" tactic. Maybe you can compare this with fishing and my lure was bad or I simply had no luck. :-) Or maybe I proofed that P2P users are harmless and never attack anybody. :-) Cheers! Stephan
Current thread:
- Honey VS Vinegar Polazzo Justin (Oct 27)
- Re: Honey VS Vinegar Valdis . Kletnieks (Oct 27)
- <Possible follow-ups>
- Re: Honey VS Vinegar the rxmr (Oct 27)
- Re: Honey VS Vinegar Jeff Bryner (Nov 01)
- AW: Honey VS Vinegar Stephan Riebach (Nov 02)
- Re: AW: Honey VS Vinegar Adam Graham (Nov 02)
- RE: Honey VS Vinegar lubomir nistor (Nov 02)
- Re: Honey VS Vinegar Jeff Bryner (Nov 01)