Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

RE: newbie Re: Honeypots: Uses and Features
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Mon, 16 Jun 2003 08:46:25 +1200



-----Original Message-----
From: Sydney Grenzebach [mailto:sydney () sydcom de] 
Sent: Sunday, 15 June 2003 6:01 p.m.
To: honeypots () securityfocus com
Subject: newbie Re: Honeypots: Uses and Features


Hi All,
I have a question to the thread, whilst reading the comments 
I was wondering 
if anyone had seen the Honeypots being used to detect an 
attack which was 
previously unknown. 


A lot of pretty famous security companies actively use honeypots to get
information about actual and possibly new attack patterns.

Probably the best example is Digital Defense's honeypot which, back in
april, detected a previously unknown attack on samba.
You can find more info about this case at the following URL:

http://news.com.com/2100-1009-996574.html


Also, I'd suggest to check honeynet challenges, ie.
http://project.honeynet.org/scans/scan17/ had a case with attack which
wasn't detected by IDS or firewall.

Best regards,

Bojan Zdrnja

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]