Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

Re: honeytokens in databases
From: Felix Groebert <felix () groebert org>
Date: Sat, 7 Oct 2006 00:37:41 +0200
gvij2000 () yahoo com (2006-09-18, 15:14):

hi
  I would like some guidance in creating and deploying honeytokens.
   
  1.Coming up with honeytoken data that would interest hackers.


If you embed information about the collector into the honeytoken they
are even more effective. I.e. password = magic xor ipaddress. see [1]


  2.How and where do I place the data so that I can monitor hackers.


Also depends on the target and the hacker; a general approach might be
that you put the credentials in a Apache httpd directory listing and
make sure google indexes it.

If you are targeting phishers or other large scale crackers with
automated credential-collecting tools [2] might interest you.

[1] http://koeln.ccc.de/schnucki/
[2] http://groebert.org/felix/pub/papers/TR_BiGaGr06Phoneypot_2.pdf

Cheers,
-- 
 Felix Groebert  <>  groebert.org/felix  <>  GPG key: 6B44113F

  By Date           By Thread  

Current thread:
  • Re: honeytokens in databases Felix Groebert (Oct 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]