Honeypots mailing list archives
Re: Wireless honeypots
From: "Alan Neville" <aneville () isiclabs com>
Date: Sun, 26 Jan 2003 00:46:59 -0000
Could I suggest an alternative idea? Find a company (or a school such as a university/college) which is currently running a Wireless Network. Write up a proposal, which outlines the fundamentals of the project, and make a meeting with the head of the computer services department, or the head of IT. Once in the meeting, you can go through the proposal, and outline the benefits the project could have on the corporation or school, by using the found results to deploy better security policies on their network. This could solve your cost problem. All you'd have to do, is provide a system or laptop, and hook it into their wireless network. Assign the system an IP address, setting your IDS and honeypot applications and your ready to go. Regards, Alan ----- Original Message ----- From: "Matt Harris" <mdh () unix si edu> To: "Jeremy Bennett" <jeremy () deities org>; <honeypots () securityfocus com> Sent: Monday, January 27, 2003 11:47 PM Subject: Re: Wireless honeypots
But that means getting a network connection everywhere I go with it - I'd like it to be somewhat mobile (ie just a laptop running an ids and some honeypot software, and a wide-open AP). I can do this for under $500, getting a mobile internet connection would be a bit more cost-intensive. Jeremy Bennett wrote:The issue the article raises is that it's difficult to discover intent with a shallow rig. That is, only access points with no connectivity to the Internet. Most attackers are not going to look for a wireless network and then simply attack machines on that network. They will likely want to use the wireless network as an anonymous point of attack on machines connected to the Internet. What might be interesting is to build a wireless access point in combination with snort inline to allow full access to the Internet but with the protection of some of the nextgen honeynet rules. -J-- /* * * Matt Harris - Senior UNIX Systems Engineer * Smithsonian Institution, OCIO * */
Current thread:
- Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Marcelo Barbosa Lima (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Matt Harris (Jan 27)
- Re: Wireless honeypots Alan Neville (Jan 27)
- Re: Wireless honeypots Jeremy Bennett (Jan 27)
- Re: Wireless honeypots Talisker (Jan 27)
- <Possible follow-ups>
- Re: Wireless honeypots Garrett Sinfield (Jan 27)
- Re: Wireless honeypots DKezer (Jan 27)