Honeypots mailing list archives
Re: Planning question
From: "Rodney Green" <rgreen () trayerproducts com>
Date: Tue, 3 Jun 2003 09:32:03 -0400
Your honeynet should be outside of your firewall and yes, ACLs on a router or firewall are necessary. You'll also want to make sure that your honeyenet machines can't be used as a launchpads for attacking other networks. You would probably also do this with ACLs. I'm sure others on the list will have more information on this. Rod ----- Original Message ----- From: <Piotr.Linke () nokia com> To: <honeypots () securityfocus com> Sent: Tuesday, June 03, 2003 8:52 AM Subject: Planning question Hi all! I'm going to set up a honeynet with few operating systems (Unix, Solaris, 2000, Redhat) and two types of IDSes - Snort and RealSecure. How can I prevent an intruder from attacking other hosts from my honeypots after compromising them? Should I set some ACLs on router or firewall? Please advise, Piotr.
Current thread:
- Planning question Piotr.Linke (Jun 03)
- Re: Planning question Rodney Green (Jun 03)
- Re: Planning question Richard Stevens (Jun 03)
- Re: Planning question Davide Del Vecchio (Jun 03)
- <Possible follow-ups>
- Re: Planning question Garrett Sinfield (Jun 03)