Honeypots mailing list archives
Managing Deception
From: seamus blarnum <crpyt0k1d () yahoo com>
Date: Tue, 5 Jul 2005 19:07:38 -0700 (PDT)
Greetings, I have some questions for the sticky-crew here. I'm working on a paper on honeynet development for a small-mid sized corporation. The issue I keep coming into is the management of a grouping of dummy systems. Does anyone know of a good commercial product that can simulate user behavior and crawl websites, build or import network documents from a central server to simulate network transfers? I was also wondering if there is a product that could simulate random content emails, by scanning popular "sites of interest" and use site headlines in emails "the packers just won", or "kevin mitnick released a trance album". Just simple stuff that would seam innocuous from a remote listener. Potentially even having a central file server that simulates network traffic by scanning through documents prepared by the deployment team that contains specific information to be relayed through the network? I know it seems like a lot, but I'm sitting here putting this into a moldable mental form. Content is important if these things are going to really be sticky. The low skill of newbs helps them not understand what to seek, but skilled infiltrators are looking for something specific (accounting information, intellectual property, etc). These are the folks we want to get stuck and sit around long enough for us to identify why they're on the box in the first place. Thoughts from the group? Thanks for any pointers, solid comments, or responses. Seamus ____________________________________________________ Sell on Yahoo! Auctions no fees. Bid on great items. http://auctions.yahoo.com/
Current thread:
- Managing Deception seamus blarnum (Jul 05)
- Re: Managing Deception ChayoteMu (Jul 06)