Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: Re: honeytokens in databases

Re: honeytokens in databases

From: Felix Groebert <felix_at_groebert.org>
Date: Sat, 7 Oct 2006 00:37:41 +0200

gvij2000_at_yahoo.com (2006-09-18, 15:14):
> hi
> I would like some guidance in creating and deploying honeytokens.
>
> 1.Coming up with honeytoken data that would interest hackers.

If you embed information about the collector into the honeytoken they
are even more effective. I.e. password = magic xor ipaddress. see [1]

> 2.How and where do I place the data so that I can monitor hackers.

Also depends on the target and the hacker; a general approach might be
that you put the credentials in a Apache httpd directory listing and
make sure google indexes it.

If you are targeting phishers or other large scale crackers with
automated credential-collecting tools [2] might interest you.

[1] http://koeln.ccc.de/schnucki/
[2] http://groebert.org/felix/pub/papers/TR_BiGaGr06Phoneypot_2.pdf

Cheers, 

-- 
 Felix Groebert  <>  groebert.org/felix  <>  GPG key: 6B44113F
Received on Oct 08 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos