Honeypots mailing list archives
Re: honeytokens in databases
From: Felix Groebert <felix () groebert org>
Date: Sat, 7 Oct 2006 00:37:41 +0200
gvij2000 () yahoo com (2006-09-18, 15:14):
hi I would like some guidance in creating and deploying honeytokens. 1.Coming up with honeytoken data that would interest hackers.
If you embed information about the collector into the honeytoken they are even more effective. I.e. password = magic xor ipaddress. see [1]
2.How and where do I place the data so that I can monitor hackers.
Also depends on the target and the hacker; a general approach might be that you put the credentials in a Apache httpd directory listing and make sure google indexes it. If you are targeting phishers or other large scale crackers with automated credential-collecting tools [2] might interest you. [1] http://koeln.ccc.de/schnucki/ [2] http://groebert.org/felix/pub/papers/TR_BiGaGr06Phoneypot_2.pdf Cheers, -- Felix Groebert <> groebert.org/felix <> GPG key: 6B44113F
Current thread:
- Re: honeytokens in databases Felix Groebert (Oct 08)