Penetration Testing mailing list archives

Re: A kind of Honeypot

From: Antonio Stano <astano () tele-servizi com>
Date: Fri, 22 Jun 2001 10:32:56 +0200

About Specter i am using it to make a review of the product.
I have to say it's impressive it emulates 11 operating systems
Has configurable traps like sun rcp, web server, fake telnet.
If effect if you make a portscan with nmap -O you can discover the =
really operating system so i think the scope of honeypot is useless.
Anyway it's a good tool and i am proposing to spectre to add a scripting =
language.
Also DTK is nice as honeypot
and also Mantrap form Recourse Technologies
(the nice thing is that this kind of honeypot doen't emulate an os
but installs an hardened version of Solaris)
If you need any further infos feel free to contact me

Antonio Stano
Securityinfos
http://www.securityinfos.com

At the time I was using BOF by NFR, but this is no longer available.
One commercial honeypot solution that may work for you laptop is Specter
(www.specter.com).

lance

Current thread:

A kind of Honeypot Nicolas Gregoire (Jun 20)
- Re: A kind of Honeypot max (Jun 21)
- Re: A kind of Honeypot Nexus (Jun 21)
- RE: A kind of Honeypot Andrew van der Stock (Jun 21)
- Re: A kind of Honeypot Lance Spitzner (Jun 21)
- <Possible follow-ups>
- Re: A kind of Honeypot Antonio Stano (Jun 22)