Honeypots mailing list archives
Re: Requiring help for implementation testing.
From: Valdis.Kletnieks () vt edu
Date: Mon, 31 Jan 2005 21:15:39 -0500
On Mon, 31 Jan 2005 15:00:56 -0400, =?ISO-8859-1?Q?Jos=E9_Vicente_Tom=E9_Vecchione?= said:
As many of you have lot of knowledge on this we where wondering if any of you may help us by attacking this honeypot and sharing any experience and comments about the attacks and the functionality of our honeypot.
Guaranteed that there are people on this list that could make your honeypot into a smoking pile of rubble in a few dozen packets. The problem is that there's no good way for us to know we're not about to make an actual production system into a smoking pile of rubble..... I can be fairly sure that if mail from (say) Dave Dittrich or Lance Spitzner shows up saying "Have at it..", that it's really their box and permission is granted (after I ping them at their usual e-mail address to make sure it's not a spoofed mail of course). Of course, that's due in large part to the fact that they're Dave and Lance. In general, this is a hard-to-solve problem. There's various cryptographic schemes (S/MIME and PGP being the leaders) that can be used to prove that I'm actually me and not an impostor. There's at the current time no really good way for me to prove that I actually have the authority to offer a system for attack. (In fact, a bit of thinking about "checks and balances" would show why it's a *bad* idea for me to have the authority to say anything resembling "official policy" or anything involving access control.. ;)
Attachment:
_bin
Description:
Current thread:
- Requiring help for implementation testing. José Vicente Tomé Vecchione (Jan 31)
- Re: Requiring help for implementation testing. Valdis . Kletnieks (Feb 01)
- <Possible follow-ups>
- RE: Requiring help for implementation testing. Gregory Lemmon (Feb 01)
- Re: Requiring help for implementation testing. Guillaume.Rix (Feb 01)
- Message not available
- Re: Requiring help for implementation testing.; Re: Re: Requiring help for implementation testing. Valdis . Kletnieks (Feb 01)