Honeypots mailing list archives
Commercial anti-honeypot tool [2]
From: "Larissa Fricker" <lft () netsec ch>
Date: Mon, 12 Jan 2004 17:05:55 +0100
The names and mail contents are random data to avoid the honeypot identifying Hon.eypot Hun.ter.
Wouldn't it be easy for a honeypot to detect "Hon.eypot Hun.ter" simply by looking for SOCKS clients that make connection requests back to their own IP on port 25? For these connections, the honeypot could provide full SOCKS functionality.
Current thread:
- Commercial anti-honeypot tool [2] Larissa Fricker (Jan 12)
- Re: [mailinglists] Commercial anti-honeypot tool [2] KeyFocus (Jan 12)
- Re: Commercial anti-honeypot tool [2] Valdis . Kletnieks (Jan 12)
- Re: Commercial anti-honeypot tool KeyFocus (Jan 12)