Re: [fw-wiz] DNS Names for external services



On Fri, 23 Apr 2010, Morty wrote:

On Sat, Apr 17, 2010 at 10:50:31AM -0500, Frank Knobbe wrote:

Likewise, if you don't run an FTP server (or CVS, or POP3, or...),
setup DNS records for those pointing to your honeypot. Use it to
respond in anyway you see fit for defense of your network (blocking
the IP, etc).

What happens when one of your legit users says "I wonder if we have an
FTP server?" and tries ftp.$YOURCOMPANY.com just to see if it answers?

if your server is locked down, nothing (other than an additional failed login)

if your server is vunerable, people who use nmap or similar will find it anyway and you will be hacked anyway.

David Lang
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: [fw-wiz] DNS Names for external services
    ... Does that not depend upon what your honeypot is set to do for defense? ... At least one user may well have just gotten spanked and blocked from the network. ... if your server is locked down, nothing ...
    (Firewall-Wizards)
  • Re: Is MS Project what I need?
    ... It fits well into almost any project-oriented environment that uses Critical Path scheduling. ... Server extends the stand-alone environment into the enterprise and does it very well, ... governemnt agencies but don't fit our needs. ...
    (microsoft.public.project)
  • Re: How Would I Find the Actual Name of the Honeypot Software via a Pen Test?
    ... You may try and fingerprint the bios. ... How Would I Find the Actual Name of the Honeypot Software via a Pen Test? ... server, it could be sitting on a BSD or any linux/unix variant box. ...
    (Pen-Test)
  • Re: Compromise?
    ... My purpose is to ... provide useful information about SQL Server security. ... Verifying strong user passwords is one point of a defense strategy. ...
    (microsoft.public.sqlserver.security)
  • RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test?
    ... In fact, if you can finger print the server as linux, it's ... I'm assuming that within the honeypot configs, ... honeypot software they are using. ...
    (Pen-Test)