<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Honeypots: Re: Honeywall with some problems

Re: Honeywall with some problems

From: Krzysztof Cabaj <kcabaj_at_gmail.com>
Date: Wed, 22 Feb 2006 17:30:33 +0100

Hello,

> Third, i what to use this honeypot to catch spam. How can i set snort
> to extract me the mails that exit from honeypot? Is there another
> method to catch them, other than tcpdump logs?

You should load to Snort signature like this

log tcp <<your honeypots'a network adress >> any <> any 25 (session:printable;)

This rule dump all SMTP sessions to ascii files.

Regards,
Krzysztof (Christopher) Cabaj
Received on Feb 22 2006

This message: [ Message body ]
Next message: Earl Sammons: "Honeynet Project Honeywall update breakage"
Previous message: Zapatisthack: "Re: HELP vmware hpots"
In reply to: George: "Honeywall with some problems"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos