Honeypots mailing list archives
Re: Wireless honeypots
From: Matt Harris <mdh () unix si edu>
Date: Mon, 27 Jan 2003 18:47:50 -0500
But that means getting a network connection everywhere I go with it - I'd like it to be somewhat mobile (ie just a laptop running an ids and some honeypot software, and a wide-open AP). I can do this for under $500, getting a mobile internet connection would be a bit more cost-intensive. Jeremy Bennett wrote:
The issue the article raises is that it's difficult to discover intent with a shallow rig. That is, only access points with no connectivity to the Internet. Most attackers are not going to look for a wireless network and then simply attack machines on that network. They will likely want to use the wireless network as an anonymous point of attack on machines connected to the Internet. What might be interesting is to build a wireless access point in combination with snort inline to allow full access to the Internet but with the protection of some of the nextgen honeynet rules. -J
-- /* * * Matt Harris - Senior UNIX Systems Engineer * Smithsonian Institution, OCIO * */
Current thread:
- Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Marcelo Barbosa Lima (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Talisker (Jan 27)
- <Possible follow-ups>
- Re: Wireless honeypots Garrett Sinfield (Jan 27)
- Re: Wireless honeypots DKezer (Jan 27)