Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: honeypots
From: Vipul Agarwal <vipul () nuttygeeks com>
Date: Mon, 30 Jan 2012 15:23:57 +0000

Hi there,

You may first need identify the purpose of using it.

   - If you want to collect malwares exploiting Windows vulnerabilities,
   you've Nepenthes which is a low-interaction honeypot. It can be easily
   installed in Debian from the official repo.
   - If you're looking something to detect intrusion in a production
   environment, you've Honeyd (even this is available as a Debian package)
   - For something more specific, like capturing live ssh sessions, you may
   use Kippo. It stores the logs in UML format that can be played back on a
   later stage using tools like Ajaxterm. You even get a separate copy of the
   tools and bots they download using wget.
   - Glastopf is another good high interaction honeypot with a nice
   vulnerability emulator. Although, you need patience and some SEO to get
   best results out of it.

I hope this helps.

Regards,
Vipul
On Fri, Jan 27, 2012 at 6:56 PM, <lallantada () tvazteca com mx> wrote:

i am looking for a good honeypot

thanks
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
Thanks and Regards,
Vipul Agarwal
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault