Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: RE: High interaction Windows Honeypot

RE: High interaction Windows Honeypot

From: mnelson <mnelson_at_nels-sec.com>
Date: Tue, 16 Aug 2005 21:55:58 -0500

Ahmed,

      You may want to look into Kfsensor for windows. It emulates Windows
enviroments and other services well. It isn't free, but is an excellent
tool.

http://www.keyfocus.net/kfsensor/

-----Original Message-----
From: Ahmed Ameen [mailto:ahmedameen_at_gmail.com]
Sent: Sunday, August 14, 2005 5:05 AM
To: honeypots_at_securityfocus.com
Subject: Re: High interaction Windows Honeypot

Hello all, first I would like to thank you all for the very helpful replies,
now I have a question which I have been looking for a while with no success.
Have there been any attempts to have a fully built High interaction Windows
Honeynet, in a way where no UNIX or Linux systems has been used?

And regarding the tools needed to build such a Honeynet, we already see that
Michael has promised us to have a windows version of sebek3 (server and
client) in the upcoming 2 weeks, and as for IDS we have Snort for windows.
If you know any more windows tools that would be helpful in building a High
interaction Windows Honeynet please share..

Thanks.
Received on Aug 16 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos