Honeypots mailing list archives
Re: Question about Dynamic Honeypots.
From: Plamen Tonev <micro () fadata bg>
Date: Tue, 23 Sep 2003 00:22:39 +0300
On Mon, 22 Sep 2003 10:22:04 +0430 (IRST) Mahdi samadi <samadi () cabinet amnafzar com> wrote: i think that passive fingerprinting not works in networks
that have swiths, Are you have an idea in this situation? (arp spoofing is one solution but it seems that is not good solution)
Another solution is to buy a real good manageable switch and plug your honeypot to one of ports of the switch and tell the switch to send copy of ALL data transmitted on other ports to your honeypot's port. Greetz, Plamen -- "When did I realize I was God? Well, I was praying and I suddenly realized I was talking to myself." Peter O'Toole. --------------------------------------------------------------------------- Public PGP key at: http://pgp.mit.edu pub 1024D/98D3363F 2003/08/16 Plamen Tonev (MiCRoPhoBIC) <micro () fadata bg> Key fingerprint = 5D08 C610 0F09 618E 3515 5C87 0F62 3808 98D3 363F ---------------------------------------------------------------------------
Attachment:
_bin
Description:
Current thread:
- Question about Dynamic Honeypots. Mahdi samadi (Sep 22)
- Re: Question about Dynamic Honeypots. Patrick Dolan (Sep 22)
- Re: Question about Dynamic Honeypots. Richard Stevens (Sep 22)
- Re: Question about Dynamic Honeypots. Jack Whitsitt (jofny) (Sep 22)
- Project: Multiple service-instances on single h-pot Daniel Roth (Sep 22)
- Re: Project: Multiple service-instances on single h-pot oudot (Sep 22)
- Re: Project: Multiple service-instances on single h-pot Daniel Roth (Sep 22)
- Re: Project: Multiple service-instances on single h-pot oudot (Sep 22)
- Re: Question about Dynamic Honeypots. Plamen Tonev (Sep 22)
- Re: Question about Dynamic Honeypots. oudot (Sep 22)