Honeypots mailing list archives
Re: Introducing the Tactical Honeynet Deployment Project
From: "Tom Britten" <tomb () antenseven net>
Date: Tue, 2 Sep 2003 02:12:28 -0400
If the box is bogus but you can't tell till you get in, you will still catch #1. If you are going for #2, you are right. The box has to look legit. As for #3, you typically need to have them playing on the box for a while to figure this one out. To be honest, I think the great work done by Lance and others has done a wonderful job of already answering that one.
I agree with all of that, my concern and comment about building your own system from the ground up was not solely based upon the idea that you needed it look real after they have already broken in. It was also from a concern of control standpoint (sorry i don't think i made it entirely clear the first). An improperly configured honeypot/honeynet is a risk if not controlled, more so with news laws and the concept of legal liability coming into play. So I guess my original comment about building from the ground up was to address a plethora of problems that are encountered in deploying. controlling and monitoring honeypots/honeynets. Hope that makes more sense ^_^ Tom Britten Sr. Systems Engineer
Current thread:
- Introducing the Tactical Honeynet Deployment Project Michael Anuzis (Aug 30)
- Re: Introducing the Tactical Honeynet Deployment Project greg (Aug 31)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Greg Tracy (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Damian Menscher (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Lance Spitzner (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project greg (Aug 31)
- Re: Introducing the Tactical Honeynet Deployment Project Tom Britten (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Chris Brenton (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Tom Britten (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Chris Brenton (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Tom Britten (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Thomas Jones (Sep 02)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 02)
- <Possible follow-ups>
- Re: Introducing the Tactical Honeynet Deployment Project Jeremy Pierson (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project JPP (Sep 01)
- Re: Introducing the Tactical Honeynet Deployment Project Valdis . Kletnieks (Sep 01)
- Re:Introducing the Tactical Honeynet Deployment Project gangadhar npk (Sep 02)