Re: DNS Names for external services

["R. DuFresne" <dufresne () sysinfo com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Does that not depend upon what your honeypot is set to do for defense?  At 
least one user may well have just gotten spanked and blocked from the 
network.  Hopefully not the whole netblock the internal user is from 
though...



Thanks,

Ron DuFresne



On Fri, 23 Apr 2010, david () lang hm wrote:

> On Fri, 23 Apr 2010, Morty wrote:
>
> > On Sat, Apr 17, 2010 at 10:50:31AM -0500, Frank Knobbe wrote:
> >
> > > Likewise, if you don't run an FTP server (or CVS, or POP3, or...),
> > > setup DNS records for those pointing to your honeypot. Use it to
> > > respond in anyway you see fit for defense of your network (blocking
> > > the IP, etc).
> >
> > What happens when one of your legit users says "I wonder if we have an
> > FTP server?" and tries ftp.$YOURCOMPANY.com just to see if it answers?
>
> if your server is locked down, nothing (other than an additional failed 
> login)
>
> if your server is vunerable, people who use nmap or similar will find it 
> anyway and you will be hacked anyway.
>
> David Lang
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () listserv icsalabs com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

These things happened. They were glorious and they changed the world...,
and then we fucked up the endgame.    --Charlie Wilson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFL10N5st+vzJSwZikRAtAhAJ9I91pOqC9bRiVLrXHMY12cUSOakACeIbOl
Y2AbHSaYHgE2Ei+kRZVXfgo=
=K1/K
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards