[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Automic notification of isp after scan
From: "Nicholas D. Buraglio-List account" <list () securitydrop ! com>
Date: 2001-03-28 14:35:02
[Download RAW message or body]
You should check out http://project.honeynet.org/
Lance Spitzner has somewhat specialized in HoneyPot studies. I recommend
reading all his papers, although some are probably a bit too simple for
those already experienced, others are well thought out and written.
Personally I've been studying Honeypots for about a year, using Slackware,
Redhat, and Solaris, and NT comparing all my results with an OpenBSD
2.7 "Honeypot" (minus the NT) and my quickest root came in ~2 days (on a
Redhat 6.2 machine sitting on a cable modem). Interestingly, my 3 fastest
roots have come from that cable modem link.
--------------------------
Nicholas D. Buraglio
Services Powered by......
_ _ __ _
/ \._ _ ._ |_)(_ | \
\_/|_)(/_| ||_)__)|_/
|
http://www.securitydrop.com
On Tue, 27 Mar 2001, Neil Dickey wrote:
>
> "shawn . moyer" <shawn@net-connect.net> wrote in response to me:
>
> >> One of our network admins once told me that he could set
> >> up a Linux box using all default settings, connect it to
> >> the net without entering it into the DNS or otherwise
> >> making it visible, and let it sit. He said it would be
> >> discovered and hacked within a week.
> >
> >I do this with honeypots, and my record so far is four days. Default
> >install of RH 6.2. I believe the honeynet project folks have seen some
> >get rooted faster than that.
>
> Wow, that's quick, and thanks for the info. Believe it or not, I use
> stuff like this when my people start moaning "Is all this really
> necessary?"
>
> "Yes, it is," to use words of one syllable. ;-)
>
> Best regards,
>
> Neil Dickey, Ph.D.
> Research Associate/Sysop
> Geology Department
> Northern Illinois University
> DeKalb, Illinois
> 60115
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic