Honeypots: Re: Advice for setting up honeynet at home

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

Re: Advice for setting up honeynet at home

From: Christian Kreibich <christian () whoop org>
Date: Fri, 07 May 2004 02:37:15 -0700

On Thu, 2004-05-06 at 09:59, Valdis.Kletnieks () vt edu wrote:

Simple.  Don't bother filtering. Just connect your honeynet to your cable
modem, and don't surf the net or download your e-mail.  Anything that comes
across is probably a worm. :)


... or Windows popup spam :)

But Valdis is right -- what I would suggest is if you're running a
standard firewall setup that allows only outbound connection requests,
then instead of blocking incoming connection requests at the outside,
route them to your honeypot for logging/interaction.

Cheers,
Christian.
-- 
________________________________________________________________________
                                          http://www.cl.cam.ac.uk/~cpk25
                                                    http://www.whoop.org

By Date By Thread

Current thread:

Advice for setting up honeynet at home dcneting (May 05)
- Re: Advice for setting up honeynet at home Valdis . Kletnieks (May 06)
  - Re: Advice for setting up honeynet at home Christian Kreibich (May 07)
- <Possible follow-ups>
- RE: Advice for setting up honeynet at home Steven Trewick (May 07)