<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Honeypots: Re: botnet logs

Re: botnet logs

From: Nathan <nathan.trav_at_gmail.com>
Date: Mon, 17 Nov 2008 16:31:32 +0100

Hello!

I don't really get this part. If the host pc you are running honeyd on
it is infected, how can you benefit from this with your honeyd? It's
okay to monitor your pc's traffic, and control the outgoing malicious
packets, but where honeyd comes in? The only thing i can think of, to
watch the malware trying to spread through the virtual hosts generated
by honeyd.

Thanks,
Nate

Valdis.Kletnieks_at_vt.edu wrote:
> 2) The honeyd is running on a host that's part of a botnet. For this to
> happen, first it has to be botted into the net - and then the owners of the
> honeyd have to allow it to participate in the attack, which is somewhat
> morally ambiguous (unless you let it attack but then firewall off the
> attack packets along the way).
>
Received on Nov 17 2008

This message: [ Message body ]
Next message: Valdis.Kletnieks_at_vt.edu: "Re: botnet logs"
Previous message: Gabriele Zanoni: "Re: botnet logs"
In reply to: Valdis.Kletnieks_at_vt.edu: "Re: botnet logs"
Next in thread: Gabriele Zanoni: "Re: botnet logs"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]