Honeypots mailing list archives
Re: deceptive content on honeypots
From: Jeremy Bennett <jeremy_f_bennett () yahoo com>
Date: Thu, 10 Apr 2003 10:30:42 -0700 (PDT)
This presentation at the SAN pavillion at the NAB this week includes a set of backup slides that discuss ManTrap (aka Symantec Decoy Server) in a little bit more detail. http://www.sanconference.com/content/2003/west/presentations/203.pdf (This same presentation was given at SANS San Diego at a Symantec lunch & learn session) For the record the vulnerabilities discussed on bugtraq were in the 1.6 version of the product. The currently shipping version is 3.01. 3.1 is slated to be released soon. SecurityFocus has references to the vendor response as well as links to a few good papers on ManTrap. -J --- Jim Yuill <jimyuill () pobox com> wrote:
In-Reply-To: <3E88CCCE.DFB0A098 () jessland net>ManTrap has a Content Generation Module that takes care of thatstuff.You can read about it at: http://enterprisesecurity.symantec.com/content/displaypdf.cfm?pdfid=343&EID=0JESSFYI, I searched the Net for other info on Mantrap, and found: * Lance's Honepots book has a chapter on Mantrap * search of SecurityFocus (for "mantrap") returned very interesting info on a Mantrap vulnerability (to detection) discovered by Loki, and fixed by vendor * SC Magazine has a review of Mantrap Info on other Mantrap sources would be most appreciated! Jim
Current thread:
- Re: deceptive content on honeypots Jeremy Bennett (Mar 31)
- <Possible follow-ups>
- RE: deceptive content on honeypots Richard La Bella (Florida Honeynet) (Apr 01)
- Re: deceptive content on honeypots Jim Yuill (Apr 02)
- Re: deceptive content on honeypots Jim Yuill (Apr 08)
- Re: deceptive content on honeypots Jeremy Bennett (Apr 10)