Honeyd for Windows!

From: Michael A. Davis (mdavis@SECURITYPROFILING.COM)
Date: 03/18/03

    Date:         Mon, 17 Mar 2003 18:31:12 -0600
    From: "Michael A. Davis" <mdavis@SECURITYPROFILING.COM>
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    SecurityProfiling is proud to announce that its lead developer, Michael A.
    Davis, who was responsible for porting the UNIX-based IDS, Snort, to
    Windows, has now also brought the best virtual honeypot to the Windows
    world!

    What is Honeyd?

    Honeyd is a small daemon that creates virtual hosts on a network that
    enhance network security by providing virtual honeypots which increase
    security by detecting, monitoring, and containing unauthorized activity.

    The hosts can be configured to run arbitrary services, and their personality
    can be adapted so that they appear to be running certain operating systems.
    Honeyd enables a single host to claim multiple addresses - I have tested up
    to 65536 - on a LAN for network simulation. Honeyd improves cyber security by
    providing mechanisms for threat detection and assessment. It also deters
    adversaries by hiding real systems in the middle of virtual systems.

    How does the Windows port differ from the UNIX version of honeyd?

    The only difference is that the Windows port does not support subsystems.
    Scripts, proxies, personalities, etc. are all 100% fully supported. You can
    even run the example scripts that come with honeyd if you install a Windows
    version of PERL or sh. Please see
    http://www.securityprofiling.com/honeyd/WIN32_README.txt for more
    information.

    What versions of Windows will this run on?

    honeyd-win32 should work on any Windows OS that supports WinPcap.

    Where can I download it?

    You can download it from
    http://www.securityprofiling.com/honeyd/honeyd.shtml

    Is the Windows port free?

    Yes. All code changes are BSD licensed and have been given back to the
    community. You can download a diff at the download link above. Hopefully,
    Niels Provos, the author of honeyd, and I can merge these changes into the
    main honeyd source tree.

    Questions, Comments or Suggestions?

    Please email me at mdavis@securityprofiling.com with any.

    Thank you,
    Michael A. Davis
    SecurityProfiling, Inc.
    http://www.securityprofiling.com
