Honeypots mailing list archives
Re: botnet logs
From: Nathan <nathan.trav () gmail com>
Date: Mon, 17 Nov 2008 16:31:32 +0100
Hello! I don't really get this part. If the host pc you are running honeyd on it is infected, how can you benefit from this with your honeyd? It's okay to monitor your pc's traffic, and control the outgoing malicious packets, but where honeyd comes in? The only thing i can think of, to watch the malware trying to spread through the virtual hosts generated by honeyd. Thanks, Nate Valdis.Kletnieks () vt edu wrote:
2) The honeyd is running on a host that's part of a botnet. For this to happen, first it has to be botted into the net - and then the owners of the honeyd have to allow it to participate in the attack, which is somewhat morally ambiguous (unless you let it attack but then firewall off the attack packets along the way).
Current thread:
- botnet logs Nathan (Nov 15)
- Re: botnet logs Valdis . Kletnieks (Nov 16)
- Re: botnet logs Nathan (Nov 17)
- Message not available
- Re: botnet logs Valdis . Kletnieks (Nov 17)
- Re: botnet logs Valdis . Kletnieks (Nov 16)
- Re: botnet logs Gabriele Zanoni (Nov 17)