![pen-test logo](/images/pen-test-logo.png)
Penetration Testing mailing list archives
RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test?
From: Jeremiah Brott <jeremiah () access2networks com>
Date: Thu, 21 Jun 2007 15:14:00 -0400
There was a paper written awhile back about detecting honeyd via packet fragmentation. Link below: http://www.merit.edu/networkresearch/papers/pdf/2006/MTR-2006-01.pdf -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of TStark Sent: Tuesday, June 19, 2007 2:10 PM To: pen-test Subject: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Good afternoon, I'm doing a pen test a new IPS appliance from outside the network, while working through the assessment I found that the server designated as my target was a honeypot set up by our server team rather than a normal server. I've now been challenged to now tell them the actual name of the honeypot software they are using. So with that, I figure I'd ask the pros, hoping that someone has a suggestion other than me low crawling under the raised floor in the server room looking for the host server:P Thanks for the help! Tony ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- How Would I Find the Actual Name of the Honeypot Software via a Pen Test? TStark (Jun 19)
- RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Paul Melson (Jun 20)
- Re: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Dragos Ruiu (Jun 20)
- Re: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? StaticRez (Jun 20)
- <Possible follow-ups>
- Re: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Jay (Jun 20)
- RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Michael Scheidell (Jun 21)
- RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Jeremiah Brott (Jun 21)
- RE: How Would I Find the Actual Name of the Honeypot Software via a Pen Test? Paul Melson (Jun 20)