Honeypots mailing list archives

Re: Honeypot and Policy Routing

From: Edward Balas <ebalas () iu edu>
Date: Wed, 9 Apr 2003 09:50:46 -0500 (EST)

On 8 Apr 2003, Nigel Clarke wrote:

Has anyone done any work with policy routing and Honeypots?


Yes.

The next generation of routing and security equipment will be 
more intelligent <we hope> and possibly a hybrid of the existing
technologies. In the mean time, administrators are required to divert
traffic to Honeypots. 

Has anyone done any work where you used policy routing to route specific
traffic to Honeypots?


I have used policy routing in conjuction with tunnels to create virtual 
distributed honeynet.  This isnt based on the type of traffic so much as
the source of the traffic, ie honeypot A traffic traverses Tunnel A and 
honeypot B traverses honeypot B.

All of this has been done within Linux...

What specifically are you trying to do?

Edward Balas

Current thread:

Honeypot and Policy Routing Nigel Clarke (Apr 08)
- RE: Honeypot and Policy Routing Alberto Gonzalez (Apr 08)
- RE: Honeypot and Policy Routing Andrew Hintz (Drew) (Apr 08)
- Re: Honeypot and Policy Routing Edward Balas (Apr 09)
- Re: Honeypot and Policy Routing Franck Veysset (Apr 09)