Re: High interaction Windows Honeypot

[Ahmed Ameen <ahmedameen () gmail com>]

Kfsensor is a great tool but i cant conceder it to be a high
interaction honeypot

On 8/17/05, mnelson <mnelson () nels-sec com> wrote:
> Ahmed,
>
>      You may want to look into Kfsensor for windows.  It emulates Windows
> enviroments and other services well.  It isn't free, but is an excellent
> tool.
>
> http://www.keyfocus.net/kfsensor/
>
>
>
> -----Original Message-----
> From: Ahmed Ameen [mailto:ahmedameen () gmail com]
> Sent: Sunday, August 14, 2005 5:05 AM
> To: honeypots () securityfocus com
> Subject: Re: High interaction Windows Honeypot
>
> Hello all, first I would like to thank you all for the very helpful replies,
> now I have a question which I have been looking for a while with no success.
> Have there been any attempts to have a fully built High interaction Windows
> Honeynet, in a way where no UNIX or Linux systems has been used?
>
> And regarding the tools needed to build such a Honeynet, we already see that
> Michael has promised us to have a windows version of sebek3 (server and
> client) in the upcoming 2 weeks, and as for IDS we have Snort for windows.
> If you know any more windows tools that would be helpful in building a High
> interaction Windows Honeynet please share..
>
> Thanks.


-- 
Regards
Ahmed Ameen