Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: attack redirection

From: Ray Stirbei <me () highentropy org>
Date: Sun, 18 May 2003 14:28:22 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Forescout ( http://www.forescout.com/index.html) sells a product that works
with commercial firewall and IPS vendors.  It detects all kinds of scans and
returns dummy server information. Then any traffic to these dummy servers can
be filtered. You can replace the dummy server addresses with your
honeypot(s).

I agree this would be a great feature to snort and I have copied the
snort-inline list.

Best regards

ray


On Friday 16 May 2003 02:48 pm, Jon Baer wrote:

It would be nice to have an intelligent version of Snort to be able to do
this :-)  Im also interested in an answer, if you get it please pass along.
Thanks.

- Jon

----- Original Message -----
From: "Andrew Elmore" <andrew.elmore () cyber-south com>
To: <security-basics () securityfocus com>
Sent: Friday, May 16, 2003 7:38 AM
Subject: attack redirection


Hey guys,
       I'm looking for some program to redirect an attack on my web server
to a honeypot. Maybe triggered by number of hits in a given time or by
certain requests. Does such a thing exist? Where can I get it? Or would I
have to write some kind of script?
Thanks for your help.

Andy


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now!
--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
---------------------------------------------------------------------------
-



---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now! --UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
---------------------------------------------------------------------------
-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+x9DGzejBliQ3SdsRAtjzAKDugolpgwe8l44CH0tfnE3YURjS/QCfQEyl
Kdg7j0zoQ6Z0Z3WhNWezH5M=
=UOcy
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: