Comments on Fred Cohen's "Deception Toolkit"

[Jeremy Epstein <jepstein () tis com>]

A couple of months ago Fred Cohen announced the availablility of his
"deception toolkit" (details are available at http://all.net/dtk).  It's
basically a set of tools that you can put on your system to simulate a
"honeypot", that do lots of logging.  For example, you put his "telnet" out
there and find people rattling doorknobs (rather than just having nothing
to respond, in which case you're less likely to know that someone was
trying).  My initial inclination is that it's a pretty lame excuse for an
intrusion detection system, but am looking for more knowledgable opinions!

Anyway, I've looked around the net (including searching archives of this
list), and have found very little discussion of his "product".  Any
opinions out there?

Thanks for your input!
--Jeremy