|
Full Disclosure
mailing list archives
Re: honeypots
From: Vipul Agarwal <vipul () nuttygeeks com>
Date: Mon, 30 Jan 2012 15:23:57 +0000
Hi there,
You may first need identify the purpose of using it.
- If you want to collect malwares exploiting Windows vulnerabilities,
you've Nepenthes which is a low-interaction honeypot. It can be easily
installed in Debian from the official repo.
- If you're looking something to detect intrusion in a production
environment, you've Honeyd (even this is available as a Debian package)
- For something more specific, like capturing live ssh sessions, you may
use Kippo. It stores the logs in UML format that can be played back on a
later stage using tools like Ajaxterm. You even get a separate copy of the
tools and bots they download using wget.
- Glastopf is another good high interaction honeypot with a nice
vulnerability emulator. Although, you need patience and some SEO to get
best results out of it.
I hope this helps.
Regards,
Vipul
On Fri, Jan 27, 2012 at 6:56 PM, <lallantada () tvazteca com mx> wrote:
i am looking for a good honeypot
thanks
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Thanks and Regards,
Vipul Agarwal
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
