Penetration Testing mailing list archives

Re: A kind of Honeypot


From: "Nexus" <nexus () patrol i-way co uk>
Date: Wed, 20 Jun 2001 19:18:22 +0100

Purely an IMHO, but that goes well beyond a honeypot as anyone could
inadvertently browse to that site.
If I browsed to a site and all my alarms went off (as they would if it does
what you described) then I would consider that a bit of a liberty and might
consider getting in your face ;-)
As I said, purely a personal thing, but I would consider a website like that
hostile.. *shrug*
Surely a honeypot should be a subtle creature, not one that roars ?

Cheers.

----- Original Message -----
From: "Nicolas Gregoire" <nicolas.gregoire () 7thzone com>
To: <pen-test () securityfocus com>
Sent: Wednesday, June 20, 2001 9:42 AM
Subject: A kind of Honeypot


Hi all,

I plan to make a website just for my pen-tests.

This website grabs as much as possible info from the visitors (IP,
browser, proxy, etc ..), tries to exploit some common vulns of browsers
(Guninski's page is a good start for this) and hosts a passive
fingerprinting app.
The victims are "spammed" with some misc. content (p0rn, free CD/DVD,
jokes) linking (or redirecting) to the site.

Has anybody ever done that ?

Nicob


