Honeypots mailing list archives

Re: Does it really take so long to get a bite?


From: Brian Hatch <honeypots () ifokr org>
Date: Mon, 9 Dec 2002 17:11:07 -0800



> And it got me thinking again of how it might depend upon the IP address.
> Would it not make sense to try to compare scans for the same service for
> various honeypots running on different IPs?  The question is how to make
> the comparison without disclosing the honeypot IP address?

That is a possibility.  But I think we've been failing to
list one crucial detail: OS.

My vulnerable '1.5-years-without-a-breakin' sparc machine was on a campus
network.  The x86 honeypot one ip address away was getting rooted routinely.

However the sparc was running linux, not solaris.  Many x86 linux attacks
were thrown at it, but few sparc versions (and those were irrelevant to
what I'd installed.)

However I've no doubt that had it been running solaris, it would have
been pegged with more appropriate attacks.

--
Brian Hatch                  Reegen: "Mama knocked it over."
   Systems and                 Bree: "No I didn't, you
   Security Engineer                  suspicious wench."
http://www.ifokr.org/bri/     Brian: "Uhh, that's not in the
                                      parenting books..."
Every message PGP signed
