Honeypots mailing list archives
Re: Wireless honeypots
From: Jeremy Bennett <jeremy () deities org>
Date: Mon, 27 Jan 2003 12:19:56 -0800
You are probably remembering this article: http://online.securityfocus.com/news/552The issue the article raises is that it's difficult to discover intent with a shallow rig. That is, only access points with no connectivity to the Internet. Most attackers are not going to look for a wireless network and then simply attack machines on that network. They will likely want to use the wireless network as an anonymous point of attack on machines connected to the Internet.
What might be interesting is to build a wireless access point in combination with snort inline to allow full access to the Internet but with the protection of some of the nextgen honeynet rules.
-J Marcelo Barbosa Lima wrote:
Hi Matt, I do not remember now, but I know that already exists an similar work. I remember that I saw about it in Securityfocus site. The idea was take attackers doing war driving. Best Regards, Marcelo. ----- Original Message ----- From: "Matt Harris" <mdh () unix si edu> To: <honeypots () securityfocus com> Sent: Monday, January 27, 2003 5:06 PM Subject: Wireless honeypotsHas anyone every theorized the possibility of a wireless honeypot - that is, a wireless ethernet with a wide-open access point (or a somewhat more secured one if you want more interesting data...) with maybe one or two honeypot hosts behind it (not connected to the internet, so no worry of problems with being used as a launchpoint for attacks)? Sounds like a possibly fun idea - I'm thinking about doing this in various geographic areas (my workplace in downtown DC, my home in Bowie MD, etc) in order to gather statistical data about who/where is sniffing/searching for open wireless ethernet access. If anyone else finds this idea interested let me know, maybe we could correlate efforts, etc. -- /* * * Matt Harris - Senior UNIX Systems Engineer * Smithsonian Institution, OCIO * */
Current thread:
- Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Marcelo Barbosa Lima (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Talisker (Jan 27)
- <Possible follow-ups>
- Re: Wireless honeypots Garrett Sinfield (Jan 27)
- Re: Wireless honeypots DKezer (Jan 27)