Honeypots mailing list archives
Re: Gen I or Gen II
From: george chamales <george () overt org>
Date: Sat, 8 Feb 2003 11:18:38 -0600
What is the topic of your thesis and what sort of information are you looking to gather? More specific information would help everyone better answer your question.
On a side note, if you will be setting up your honeynet inside of your university's network be sure that you have permission from the people in charge of the network. Most university admins have enough to worry about as it is.
george On Saturday, February 8, 2003, at 09:09 AM, Richard Stevens wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,I'm planing to set up a honeynet to gather information for my thesis. I read most of the documentation provided on honeynet.org and also the books "Know your Enemy" and "Honeypots - Tracking Hackers". From what I learned Gen I ist considered the older but reliable way to do things compared to Gen II beingthe more advanced and supposedly easier way to achieve data control.In the answer to a rejected mail, Lance Spitzner "HIGHLY recommends" looking into Gen II Honeynets. Gen II definately sounds a lot better in various terms but the low version numbers on some of the tools make me question wether those utilities are ready for prime time yet. I'm no complete newby with Linux firewalls and for example snort and I'm confident I'd be able to set up a honeynet but having to work around serious problems with the used toolsmight still break my neck.I'm wondering, are Gen II Honeynets in production right now? What are your experiences. Do they work well? What would you suggest to someone building his first honeynet, Gen I or Gen II or a mixture? Anything you encounteredthat I should definately read, check out, keep in mind?One other thing, I tried to find a way to search and read the older posts on this list, since I only recently subscribed. The securityfocus webinterface is close to unusable. It's extremely slow to access from germany and due to missing threads not that easy to use. I tried to search on the net for analternative but wasn't sucessful up to now. Thanks a lot, Richard -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+RR2hWQvEMJfcXlQRAtpmAJ966J5vz1dxSMwAQcZgvf+J47kWQgCgnWFG w3zo55y1/A12UcNrKuIa5Iw= =H9Y0 -----END PGP SIGNATURE-----
Current thread:
- Gen I or Gen II Richard Stevens (Feb 08)
- Re: Gen I or Gen II george chamales (Feb 08)
- Re: Gen I or Gen II Richard Stevens (Feb 08)
- <Possible follow-ups>
- RE: Gen I or Gen II Richard-LaBella (Feb 10)
- Re: Gen I or Gen II george chamales (Feb 08)