Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: FakeNetBIOS tools released

FakeNetBIOS tools released

From: Patrick Chambet <pchambet_at_club-internet.fr>
Date: Wed, 19 Oct 2005 01:29:55 +0200

Hi,

I'm happy to announce the release of FakeNetBIOS, a family of tools
designed to simulate Windows hosts on a LAN (and more...).

The individual tools are:

  - FakeNetbiosDGM (NetBIOS Datagram)
  - FakeNetbiosNS (NetBIOS Name Service)

Each tool can be used as a standalone tool or as a honeyd responder or
subsystem.
The tools can also be used to play with Windows domains and hosts
announcements and to wreak havoc in a Windows LAN...

FakeNetbiosDGM sends NetBIOS Datagram service packets on port UDP 138 to
simulate Windows hosts bradcasts. It sends periodically NetBIOS
announces over the network to simulate Windows computers.
It fools the Computer Browser services running over the LAN and so on.
Note that it is an ACTIVE honeypot.

FakeNetbiosNS is a NetBIOS Name Service daemon, listening on port UDP
137. It responds to NetBIOS Name requests like real Windows computers:
for example 'ping -a', 'nbtstat -A' and 'nbtstat -a', etc.

The source code compiles on Win32 AND on Linux.
Feel free to fix the code (please tell me).

To download the tools: http://honeynet.rstack.org/tools.php

Have fun, 

--
Patrick Chambet - http://www.chambet.com
French Honeynet Project (FHP) - http://www.frenchhoneynet.org
FHP is hosted by rstack team - http://www.rstack.org
Received on Oct 18 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos