Honeypots mailing list archives
Re: Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet
From: Ryan Barnett <RCBarnett () hushmail com>
Date: 21 Jan 2004 14:46:58 -0000
In-Reply-To: <20040121085146.GW5496 () citi citi umich edu> I am assuming this advisory is in response to the recent Phrack "fake" article entitled "Advanced Honeypot Identification" -http://www.phrack.org/fakes/p63/p63-0x09.txt It discusses some interesting issues with sebek, honeyd and vmware virtual honeypot systems. -Ryan
-----BEGIN PGP SIGNED MESSAGE----- Honeyd Security Advisory 2004-001 ================================= Topic: Remote Detection Via Simple Probe Packet Version: All versions prior to Honeyd 0.8 Severity: Identification of Honeyd installations allows an adversary to launch attacks specifically against Honeyd. No remote root exploit is currently known.
Current thread:
- Re: Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet Ryan Barnett (Jan 21)