Category:Honeypots

From SecurityForest

Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Honeyd enables a single host to claim multiple addresses on a LAN for network simulation. It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. It is also possible to proxy services to another machine rather than simulating them.
http://www.citi.umich.edu/u/provos/honeyd/
The Bait and Switch honeypot is a multifaceted attempt to take honeypots out of the shadows of the network security model and to make them an active participant in system defense. To do this, it creates a system that reacts to hostile intrusion attempts by redirecting all hostile traffic to a honeypot that is partially mirroring your production system. Once switched, the would-be attacker is unknowingly attacking your honeypot instead of the real system.
It is currently based on Snort, Linux's iproute2, and netfilter.
http://baitnswitch.sourceforge.net/
Download (https://sourceforge.net/project/showfiles.php?group_id=64718)
  • spamd Image:Bsd.jpg : OpenBSD's (http://www.openbsd.org/) spam deferral daemon/tarpit
spamd is a fake sendmail(8)-like daemon which rejects false mail. If the pf(4) packet filter is configured to redirect port 25 (SMTP) to this daemon, it will attempt to waste the time and resources of the spam sender. spamd is designed to be very efficient so that it does not slow down the receiving machine. Spam is never accepted, but always rejected with either a 450 or 550 error message.
spamd Man page (http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&apropos=0&sektion=0&manpath=OpenBSD+Current)
  • LaBrea Image:Win.jpg Image:Lin.jpg Image:Bsd.jpg : Sticky honeypot and IDS
LaBrea is a program that creates a tarpit, or a "sticky honeypot". LaBrea takes over unused IP addresses on a network and creates "virtual machines" that answer to connection attempts. LaBrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.
http://labrea.sourceforge.net/
Download (http://sourceforge.net/project/showfiles.php?group_id=70896)

Articles in category "Honeypots"

There are 0 articles in this category.
Retrieved from "http://www.securityforest.com/wiki/index.php/Category:Honeypots"
Advertisement