Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: Re: Honeyd for Windows

Re: Honeyd for Windows

From: Biju Thomas <biju.thomas.m_at_gmail.com>
Date: Fri, 18 Aug 2006 13:50:47 -0400

Hi ,

Thankyou for the responses.

I have got a fair idea about the honeypot solutions available. I tried
out KFSensor on Windows XP and installed Honeyd1.5a on a RHEL 3.0
machine both with the default configurations. I will now explore the
advanced features.

I will also try out honeybot and Specter.

I went through tracking-hackers.com, and the mailing lists at honeyd
site. Is there any suggestion for other disscussion forums available
for the honeypot technology.

Thanks,
Biju

On 8/18/06, James Chamberlain <jchamberlain_at_isac-usa.com> wrote:
> Another Windows Honeypot is Specter. They have a $200 R&D version.
>
>
> Jim Chamberlain
>
>
>
> On Aug 17, 2006, at 2:11 PM, Roger A. Grimes wrote:
>
> In all reality, Honeyd for Windows doesn't really work anymore. Michael
> Davis did us a great service by porting it from Linux to Windows back in
> the day, but since then it has been nearly a dead project. It doesn't
> work well on Windows at all, has major routing issues, etc.
>
> My book, Honeypots for Windows, has a few chapters on it. I loved it.
> But, yes, it's time to use Honeyd on Linux or BSD if you've got the
> skills. It works great there. Or try Kfsensor or PatriotBox instead.
> KFSensor is the best Windows honeypot on the market, although a bit
> pricy for the casual user. It's a great eval though. And try any of the
> excellent honeypot discussion sites to find dozens of other free
> honeypots to play with.
>
> Roger
>
> *****************************************************************
> *Roger A. Grimes, InfoWorld, Security Columnist
> *CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
> *email: roger_grimes_at_infoworld.com or roger_at_banneretcs.com
> *Author of Professional Windows Desktop and Server Hardening (Wrox)
> *http://www.amazon.com/gp/product/0764599909
> *****************************************************************
>
>
>
> -----Original Message-----
> From: Thorsten Holz [mailto:thorsten.holz_at_gmail.com]
> Sent: Thursday, August 17, 2006 4:45 AM
> To: honeypots_at_securityfocus.com
> Subject: Re: Honeyd for Windows
>
> On 8/17/06, Biju Thomas <biju.thomas.m_at_gmail.com> wrote:
>
> > I am new to Honeypot technology. After reading through honeypot
> > related literature, I wanted to try some hands-on. I decided to try
> > out honeyd for Windows. The papers suggested that honeyd for windows
> > can be downloaded from
> > http://www.securityprofiling.com/honeyd/honeyd.shtml
>
> Honeyd for Windows has not been updated for a long time, the currently
> available version is 0.5a. Honeyd for Linux/*BSD is already at version
> 1.5a. So I would strongly suggest to try the Linux/*BSD version...
>
> > However this link seems to be not responding. Is there any other place
>
> > from where I can download honeyd for Windows.
>
> You could try http://www.datanerds.net/~mike/binaries/
>
> Cheers,
> Thorsten
>
>
>
Received on Aug 18 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos