Honeypots mailing list archives
RE: Does it really take so long to get a bite?
From: "Andrew Hintz \(Drew\)" <drew () overt org>
Date: Sat, 7 Dec 2002 11:25:54 -0600
We set up a honeynet two weeks ago. So that its not too simple (didnt want to just capture the first script kiddy), the only vulnerability on it is an old openssh.
The 15 minute captures are probably from script kiddies and worms.
How long does it take to get a hit? Previous reading and anecdotes said that some boxes are compromised within 15 mins of being hooked up to the network.
The quickest I've seen is 4 minutes. It was against a wide-open IIS box. In general, the less secure your honeypot is the shorter it'll be before you're compromised. However if your honeypot is more secure, then you'll see more interesting compromises. -- ^Drew http://guh.nu --Begin PGP Fingerprint-- 3C6C F712 0A52 BD33 C518 5798 9014 CA99 2DA0 5E78 --End PGP Fingerprint--
Current thread:
- Does it really take so long to get a bite? marc (Dec 07)
- RE: Does it really take so long to get a bite? Andrew Hintz (Drew) (Dec 07)
- Re: Does it really take so long to get a bite? Chris Reining (Dec 07)
- Re: Does it really take so long to get a bite? ktimm (Dec 07)
- Re: Does it really take so long to get a bite? Lance Spitzner (Dec 07)
- Re: Does it really take so long to get a bite? Mike Clark (Dec 08)
- Re: Does it really take so long to get a bite? Chris Reining (Dec 08)
- Re: Does it really take so long to get a bite? Mike Clark (Dec 09)
- Re: Does it really take so long to get a bite? Brian Hatch (Dec 09)
- Re: Does it really take so long to get a bite? Robert G. Ferrell (Dec 09)
- RE: Does it really take so long to get a bite? Greg van der Gaast (Dec 09)
- Re: Does it really take so long to get a bite? Anton A. Chuvakin (Dec 09)