Jump to content

what is honey pot ??


Yatin Dabhi

Recommended Posts

anyone whats honey pot ??

It's a fake system that appears to be real and logs traffic.

You think that you are attacking a system, but it really doesn't get you anywhere because the whole system was fake.

http://en.wikipedia.org/wiki/Honeypot_(computing)

In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource that would be of value to attackers.

Link to comment
Share on other sites

:blink: A honey pot is something that Poo bear uses to keep his honey in...to keep it away from ninjas. :ph34r:
Link to comment
Share on other sites

Just get a computer with no valuable information.

Place it in a DMZ.

Run HoneyBOT.

Link to comment
Share on other sites

  • 3 months later...

Honeypots Rock! The amount of intel you can gather about hackers and malware is hugh :) I have worked with both low and high interaction honeypot, on and off for a few years now.

Just make sure you do monitor it and that you block the Honeypot box from being able to send any traffic out, other wise you may get some nasty call's and e-mails from your ISP, or worse the police.

Amazon have some good books on the subject, such titles as:-

Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Know Your Enemy: Learning about Security Threats (2nd Edition)

Honeypots: Tracking Hackers

To name but a few. Also take a look at http://www.honeypots.net for even more info.

It all depends on what you are trying to do with your honeypot and what level of interaction you are after. I would suggest that you first take a look at the Honeyd (http://www.honeyd.org/) if you are looking at setting up a *nix based one, or HoneyBOT (http://www.atomicsoftwaresolutions.com/honeybot.php) if you are on windows.

Hope this helps :)

Link to comment
Share on other sites

Ah cool I never knew there was one available for windows, I knew of the of the nix shit and have always wanted to have a bit of a fiddle. I was planning on doing it over this lot of school holidays but my ass got pumped with assignments.

Link to comment
Share on other sites

The "honey pot" I know of relates to anti spam solutions, where by your ISP e.g. AOL will setup fake email accounts e.g. brian.life@aol.com. Its then logical to assume any email sent to this address is unrequested and can be categorized as spam and the sender blocked.

I guess I hadn't though about the other way it could be used but it makes sense that it does exist. :)

Link to comment
Share on other sites

There are different types of honeypots. WebHoney pots, email(as you stated Mr grim) and then fake home user machines accessed via the internet, which usually get hit by worms sweeping IP ranges for open ports and such.

http://isc.sans.org/diary.html?storyid=6070

http://www.sans.org/resources/idfaq/honeypot3.php

http://www.honeynet.org/

http://www.projecthoneypot.org/

http://www.honeypots.net/

I think there is even a VM that comes set up as a HoneyPot.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...