Antwort: Re: Honeypot Software

From: Marko.Muncan@arxes.de
Date: 04/30/02

• Previous message: Catfish: "Re: Personal firewall with remote control"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

To: Jason Yates <jyates@dataservice.org>
From: Marko.Muncan@arxes.de
Date: Tue, 30 Apr 2002 08:09:45 +0200

Okay!

Thats what came to my mind last night. I just have to install an older
Version of Linux and have to setup snort and a tcplogger, maybe a bash
keystroke logger. I downloaded honeyd from http://www.tracking-hackers.com
and compiled it. Now i read the manpage of this software and didn´t worked
it out how to use it... :-( I think i will do it as you said and just
install an older Version. Is there any Documentation on setting up a
honeypot *besides* http://project.honeynet.org ??? Maybe a Documentation of
an already ready-to-use System? That would be very nice if someone has a
link to this topic. Thnx in advance...

Mit freundlichen Grüßen
Marko Muncan
__________________________________________
arxes Network Communication Consulting AG

Schanzenstraße 36
Gebäude 197
D-51063 Köln

Telefon: +49 (0) 221 96486 - 268
Telefax: +49 (0) 221 96486 -
WEB: http://www.arxes.de
MailTo: Marko.Muncan@arxes.de

                                                                                                                    
                    Jason Yates
                    <jyates@datase An: Marko.Muncan@arxes.de
                    rvice.org> Kopie: security-basics@securityfocus.com
                                          Thema: Re: Honeypot Software
                    29.04.02 23:18
                                                                                                                    
                                                                                                                    

I suggest you don't use any type of honeypot "software". I would
suggest instead, to just install an old version of Red Hat or an old
version of Mandrake in your case. I would also help to know if you
doing this as a decoy or just for fun(learning). I personally wouldn't
use a compiled setup toolkit for either one, and I personally wouldn't
use any honeypot as a decoy, but thats another debate.

Check out,

http://project.honeynet.org

or this book

http://www.amazon.com/exec/obidos/ASIN/0201746131/ref=ase_thehoneynet0c-20/103-8301009-7575805

-Jason

On Mon, 2002-04-29 at 02:53, Marko.Muncan@arxes.de wrote:
> Yesterday I tried to set up a honeypot on my Mandrake 8.2 box and it
didn´t
> worked out. Mandrake uses xinetd and the document from dtk (deception
> toolkit http://www.all.net/dtk/) is about inetd. Now it tried to manually
> set up the services and ports for it and didn´t came through. First
> question: Which honeypot software are you using / Which u find best?
Second
> question: Is there a setup guide for dtk with xinetd and/or an
explanation
> to add services and ports manually to xinetd? (btw: i looked on
> www.xinetd.org and also tried using chkconfig and achieved nothing) Any
> help on that Topic would be greatly appreciated!
>
>
>
> Mit freundlichen Grüßen
> Marko Muncan
> __________________________________________
> arxes Network Communication Consulting AG
>
> Schanzenstraße 36
> Gebäude 197
> D-51063 Köln
>
> Telefon: +49 (0) 221 96486 - 268
> Telefax: +49 (0) 221 96486 -
> WEB: http://www.arxes.de
> MailTo: Marko.Muncan@arxes.de
>
>
> Informieren Sie sich über unsere Veranstaltungen zu den aktuellen
IT-Themen
> unter
> http://www.arxes.de/de/events/index.html
>
>

Informieren Sie sich über unsere Veranstaltungen zu den aktuellen IT-Themen
unter
http://www.arxes.de/de/events/index.html

---

• Previous message: Catfish: "Re: Personal firewall with remote control"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Secondary site install not working ... If thats the case I would try to install from the CD. ... need to setup a secondary server. ... (microsoft.public.sms.admin) Best way to install SP2 ?? which is ?? ... I did a install of it a while ago, over my existing setup, which was ... installed was SP2, right after XP, then everything else. ... So if your having problems with SP2 maybe thats the only way can can ... (microsoft.public.windowsxp.help_and_support) Re: Continual Error 1321 Trying to Install Office 2003 ... As to evidence of which app installed wisptis, I suppose you'd have to set ... 2003 sure wants to install it and stalls when it can't because the progress ... Is there any way in the world to get into setup with some custom tool from ... *My Lack of MSFT Support Rant and View Hex Error Messages Do Nothing for the ... (microsoft.public.office.misc) Re: Continual Error 1321 Trying to Install Office 2003 ... it needs and now setup wants to stuff it back in. ... Wisptis is explained ... that will let me do a detailed enough or selective enough custom install to ... people running Office don't use a tablet. ... (microsoft.public.office.misc) Re: reinstall intranet company web Error. ... AnalyzePhaseZero used 0 ticks ... KB832880 Setup encountered an error: Setup cannot continue because one or ... Setup cannot continue because one or more pre-requisites required to install ... For More details check the Log File C:\WINDOWS\KB832880.log ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)