Firewall Wizards mailing list archives
Re: DNS Names for external services
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 27 Apr 2010 16:05:10 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Does that not depend upon what your honeypot is set to do for defense? At least one user may well have just gotten spanked and blocked from the network. Hopefully not the whole netblock the internal user is from though...
Thanks, Ron DuFresne On Fri, 23 Apr 2010, david () lang hm wrote:
On Fri, 23 Apr 2010, Morty wrote:On Sat, Apr 17, 2010 at 10:50:31AM -0500, Frank Knobbe wrote:Likewise, if you don't run an FTP server (or CVS, or POP3, or...), setup DNS records for those pointing to your honeypot. Use it to respond in anyway you see fit for defense of your network (blocking the IP, etc).What happens when one of your legit users says "I wonder if we have an FTP server?" and tries ftp.$YOURCOMPANY.com just to see if it answers?if your server is locked down, nothing (other than an additional failed login)if your server is vunerable, people who use nmap or similar will find it anyway and you will be hacked anyway.David Lang _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 These things happened. They were glorious and they changed the world..., and then we fucked up the endgame. --Charlie Wilson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFL10N5st+vzJSwZikRAtAhAJ9I91pOqC9bRiVLrXHMY12cUSOakACeIbOl Y2AbHSaYHgE2Ei+kRZVXfgo= =K1/K -----END PGP SIGNATURE----- _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- DNS Names for external services Behm, Jeff (Apr 13)
- Re: DNS Names for external services Paul D. Robertson (Apr 13)
- Re: DNS Names for external services Carson Gaspar (Apr 14)
- Re: DNS Names for external services Bruce B. Platt (Apr 14)
- Re: DNS Names for external services Frank Knobbe (Apr 22)
- Re: DNS Names for external services Morty (Apr 23)
- Re: DNS Names for external services david (Apr 26)
- Re: DNS Names for external services Morty Abzug (Apr 27)
- Re: DNS Names for external services Frank Knobbe (Apr 27)
- Re: DNS Names for external services Paul D. Robertson (Apr 27)
- Re: DNS Names for external services R. DuFresne (Apr 27)
- Re: DNS Names for external services Andre Lima (Apr 26)
- Re: DNS Names for external services Dave Piscitello (Apr 27)
- Re: DNS Names for external services Paul D. Robertson (Apr 13)
- Re: DNS Names for external services Dave Piscitello (Apr 22)
- Re: DNS Names for external services Paul Melson (Apr 22)
- Re: DNS Names for external services Kent Crispin (Apr 14)
- Re: DNS Names for external services John Morrison (Apr 14)
- Re: DNS Names for external services kent (Apr 15)