Honeypots mailing list archives
RE: results of the first honeyd challenge (dynamic honeynet?)
From: Jose Nazario <jose () monkey org>
Date: Mon, 31 Mar 2003 08:27:17 -0500 (EST)
On Mon, 31 Mar 2003, Compton, Rich wrote:
Reading all of the great entries from the honeyd challenge gave me an idea for a dynamic honeynet. The problem that I have implementing a honeypot is that it takes up IPs. I have to reconfigure the honeypot as soon as I need one of those IPs that's assigned on the honeypot. Wouldn't it be nice to have a honeynet that looks for IPs in a subnet that are not used (maybe by trying to ping them) and then creates a honeynet for just those IPs. The honeypot could then see when one of those IPs are being used and remove it from its configuration.
arpd already does this with honeyd. it watches for unanswered arp requests and then assumes they're unoccupied. it then sends a reply and allows you to occupy them. it is a good idea, so good in fact that this is already done. ___________________________ jose nazario, ph.d. jose () monkey org http://www.monkey.org/~jose/
Current thread:
- RE: results of the first honeyd challenge (dynamic honeynet?) Compton, Rich (Mar 31)
- RE: results of the first honeyd challenge (dynamic honeynet?) Jose Nazario (Mar 31)
- RE: results of the first honeyd challenge (dynamic honeynet?) Mario Sergio Jr. (Mar 31)
- Re: results of the first honeyd challenge (dynamic honeynet?) Wim Mees (Mar 31)