Honeypots mailing list archives

Re: fake services

From: "sunzi" <sunzi () mod-x co uk>
Date: Sun, 26 Jan 2003 10:59:52 -0500

These are the ones that I am aware of that let u script service interaction:

Deception Toolkit (DTK): http://www.all.net/dtk/download.html
Windog-DTK* (unsupported) archived here:
http://readyresponse.dynu.com/red-security/files/deception/windog-dtk.zip
Wininetd* (unsupported) archived here:
http://readyresponse.dynu.com/red-security/files/deception/WInetd_1.0Release
.exe

hth,
sunzi

* these 2 are Win32
----- Original Message -----
From: "honey grp" <honeypict () yahoo co in>
To: <honeypots () securityfocus com>; <provos () citi umich edu>
Sent: Sunday, January 26, 2003 1:59 AM
Subject: fake services

hi,
   We are a project group of five working on
honeypots. We have studied many honeypots till now. So
far we have observed that most of the honeypots do not
proper login to fake services. They just show the
banner i.e. the Welcome screen for ftp and telnet ,
ask for login and password and say "Denied access".
Why don't they give a fake service like showing some
fake files or so???
   Is it that if the hacker gets the access he can
easily compromise the honeypot..... Plz let us know if
any honeypot allows the hacker to login properly and
give him the access.

regards

________________________________________________________________________
Missed your favourite TV serial last night? Try the new, Yahoo! TV.
       visit http://in.tv.yahoo.com

Current thread:

fake services honey grp (Jan 26)
- Re: fake services sunzi (Jan 26)
- Re: fake services m m (Jan 28)
- <Possible follow-ups>
- RE: fake services Gonzalez, Albert (Jan 27)
  - Re: fake services Luis Wong (Jan 27)