what is honey pot ??

[Yatin Dabhi]

anyone whats honey pot ??

[iaxai]

anyone whats honey pot ??

It's a fake system that appears to be real and logs traffic.

You think that you are attacking a system, but it really doesn't get you anywhere because the whole system was fake.

http://en.wikipedia.org/wiki/Honeypot_(computing)

In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource that would be of value to attackers.

[Yatin Dabhi]

How is it possible ?

[Ingo]

Simply by following the wiki link iaxai provided you can find how...

For example you can end up here I know not the best bet, but that wiki link was helpful

[iaxai]

How is it possible ?

Here is another link to HoneyBOT a honey pot program for windows.

http://www.atomicsoftwaresolutions.com/honeybot.php

BT also has one.

[digip]

A honey pot is something that Poo bear uses to keep his honey in...to keep it away from ninjas.

[Eviltechie]

I bet I could have fun with that if I had a network worth breaking into, and I had a hacker.

[gEEEk]

Just get a computer with no valuable information.

Place it in a DMZ.

Run HoneyBOT.

[silentdud]

Honeypot open FTP sites are fairly common if I am correct.

[LauBen]

Honeypots Rock! The amount of intel you can gather about hackers and malware is hugh :) I have worked with both low and high interaction honeypot, on and off for a few years now.

Just make sure you do monitor it and that you block the Honeypot box from being able to send any traffic out, other wise you may get some nasty call's and e-mails from your ISP, or worse the police.

Amazon have some good books on the subject, such titles as:-

Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Know Your Enemy: Learning about Security Threats (2nd Edition)

Honeypots: Tracking Hackers

To name but a few. Also take a look at http://www.honeypots.net for even more info.

It all depends on what you are trying to do with your honeypot and what level of interaction you are after. I would suggest that you first take a look at the Honeyd (http://www.honeyd.org/) if you are looking at setting up a *nix based one, or HoneyBOT (http://www.atomicsoftwaresolutions.com/honeybot.php) if you are on windows.

Hope this helps :)

[will-wtf]

Net tools has something simmilar built in, called hacker trap. Has all the ports open that are, well, exploitable... Netbus, sub 7 etc..

[shonen]

Ah cool I never knew there was one available for windows, I knew of the of the nix shit and have always wanted to have a bit of a fiddle. I was planning on doing it over this lot of school holidays but my ass got pumped with assignments.

[MRGRIM]

The "honey pot" I know of relates to anti spam solutions, where by your ISP e.g. AOL will setup fake email accounts e.g. brian.life@aol.com. Its then logical to assume any email sent to this address is unrequested and can be categorized as spam and the sender blocked.

I guess I hadn't though about the other way it could be used but it makes sense that it does exist. :)

[digip]

There are different types of honeypots. WebHoney pots, email(as you stated Mr grim) and then fake home user machines accessed via the internet, which usually get hit by worms sweeping IP ranges for open ports and such.

http://isc.sans.org/diary.html?storyid=6070

http://www.sans.org/resources/idfaq/honeypot3.php

http://www.honeynet.org/

http://www.projecthoneypot.org/

http://www.honeypots.net/

I think there is even a VM that comes set up as a HoneyPot.