Honeypots mailing list archives
Re: Complete Honeynet
From: Valdis.Kletnieks () vt edu
Date: Sun, 26 Jan 2003 01:54:17 -0500
On Sat, 25 Jan 2003 20:19:54 +0100, zeal0t () gmx net said:
My company wanna try some Honeynet solutions and I'm learning by this company (apprentiship). I told them I wanna try to make this project and now I have a question. For what I must look when I wanna realise a Honeynet.
Step 1: Decide why you want a honeypot rather than an intrusion detection system (IDS). What do you want the honeypot to do for you that an IDS won't? The answer to this question will greatly determine what your setup will look like. For instance, if you're trying to learn about Windows hackers, a RedHat-based honeypot probably won't do it for you, unless you go to GREAT lengths to fool the attackers. Similarly, what hardening you do will depend on what you're trying to catch, and why.... -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Honeypot article Lance Spitzner (Jan 15)
- Re: Honeypot article Ing. Bernardo Lopez (Jan 15)
- Re: Honeypot article R. Anthony Kolstee (Jan 24)
- Re: Honeypot article Jon (Jan 25)
- Complete Honeynet zeal0t (Jan 25)
- Re: Complete Honeynet rewt (Jan 25)
- Re: Complete Honeynet Valdis . Kletnieks (Jan 26)
- <Possible follow-ups>
- RE: Honeypot article Keith Bruss (Jan 15)
- RE: Honeypot article Spikeman (Jan 15)
- RE: Honeypot article Grégoire Welraeds (Jan 15)
- RE: Honeypot article Tom McLaughlin (Jan 16)
- RE: Honeypot article Spikeman (Jan 15)
- Re: Honeypot Article Roland Venter (Jan 15)
- RE: Honeypot article Bosschert, B. (is-ks) (Jan 16)
- RE: Honeypot article Valter Santos (Jan 16)