Honeypots mailing list archives
Re: Question about Dynamic Honeypots.
From: oudot <oudot () rstack org>
Date: Mon, 22 Sep 2003 23:37:40 +0200
Plamen Tonev a écrit:
On Mon, 22 Sep 2003 10:22:04 +0430 (IRST) Mahdi samadi <samadi () cabinet amnafzar com> wrote: i think that passive fingerprinting not works in networksthat have swiths, Are you have an idea in this situation? (arp spoofing is one solution but it seems that is not good solution)Another solution is to buy a real good manageable switch and plug your honeypot to one of ports of the switch and tell the switch to send copy of ALL data transmitted on other ports to your honeypot's port. Greetz, Plamen
Exact.By the way, the two parts can live separately : one part does the analysis and collection on the network (to guess what kind of configuration it should take) and the other will get its orders from the first one (and would launch the appropriate honeypots).
laurent oudot
Current thread:
- Question about Dynamic Honeypots. Mahdi samadi (Sep 22)
- Re: Question about Dynamic Honeypots. Patrick Dolan (Sep 22)
- Re: Question about Dynamic Honeypots. Richard Stevens (Sep 22)
- Re: Question about Dynamic Honeypots. Jack Whitsitt (jofny) (Sep 22)
- Project: Multiple service-instances on single h-pot Daniel Roth (Sep 22)
- Re: Project: Multiple service-instances on single h-pot oudot (Sep 22)
- Re: Project: Multiple service-instances on single h-pot Daniel Roth (Sep 22)
- Re: Project: Multiple service-instances on single h-pot oudot (Sep 22)
- Re: Question about Dynamic Honeypots. Plamen Tonev (Sep 22)
- Re: Question about Dynamic Honeypots. oudot (Sep 22)