Honeypots mailing list archives
RE: Honeypot and Policy Routing
From: "Alberto Gonzalez" <albertg () cerebro wwjh net>
Date: Tue, 8 Apr 2003 19:44:09 -0700
Bait N Switch doesn't do "policy" routing. What we do is mark offending packets with a 1 and have our custom routing tables route them through a specified interface if they're marked. Can you call this 'policy routing?'. So we are routing 'specific' traffic to our honeypots, instead of just forwarding all major ports. Hope that helps! Cheers, Alberto Gonzalez [1] - http://baitnswitch.sf.net [2] - http://www.violating.us/projects/baitnswitch/ --- "Success comes to the person who does today, what you are thinking of doing tomorrow." -----Original Message----- From: Nigel Clarke [mailto:nigel () 26354 net] Sent: Tuesday, April 08, 2003 12:18 PM To: honeypots () securityfocus com Subject: Honeypot and Policy Routing Has anyone done any work with policy routing and Honeypots? The next generation of routing and security equipment will be more intelligent <we hope> and possibly a hybrid of the existing technologies. In the mean time, administrators are required to divert traffic to Honeypots. Has anyone done any work where you used policy routing to route specific traffic to Honeypots? -- Nigel Clarke Blade Runner #26354 *Filed and Monitored*
Current thread:
- Honeypot and Policy Routing Nigel Clarke (Apr 08)
- RE: Honeypot and Policy Routing Alberto Gonzalez (Apr 08)
- RE: Honeypot and Policy Routing Andrew Hintz (Drew) (Apr 08)
- Re: Honeypot and Policy Routing Edward Balas (Apr 09)
- Re: Honeypot and Policy Routing Franck Veysset (Apr 09)