Honeypots mailing list archives

Honeyd-Windows emulation scripts and experience

From: "Roger A. Grimes" <rogerg () cox net>
Date: Thu, 24 Jul 2003 09:52:17 -0400

I'm in the process of writing a book about Honeypots for Windows.  I'm using
Michael Davis' port of Niels Provos' Honeyd as one of the main parts of the
book.

I'm interested in if anyone has produce any Windows emulation service
scripts beyond the one or two that I can find with the normal distributions?

Particularly, I'm looking to see if anyone has written scripts that mimic
Windows services (i.e. NetBIOS, telnet server, Terminal Server, NetBIOS
shares, enumeraton, etc.)

Of course, I'm also interested in any people's experiences of running the
Windows port of Honeyd in a medium or large environment.

Thanks in advanced for any responses.

Roger

****************************************************************************
****
*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE (NT/2000), CNE (3/4), A+
*email: rogerg () cox net
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of upcoming Honeypots for Windows (Apress)
****************************************************************************
*****

Current thread:

Honeyd-Windows emulation scripts and experience Roger A. Grimes (Jul 24)
- <Possible follow-ups>
- Re: Honeyd-Windows emulation scripts and experience Peter Bates (Jul 30)