Honeypots mailing list archives

Re: pcap log analysis

From: "Joe Hickory" <J.Hickory () gmx net>
Date: Wed, 28 Jul 2004 15:13:28 +0200 (MEST)

hi list, 
 
as there were some more requests for the pcap script i decided to put them
online. 
 
http://zeus.fh-brandenburg.de/~reitenba/index.html 
 
there are also some modified sebek server and web scripts, as i could crash
the 
sebek server unrecoverably and disabling sebek logging completely for all
honeypots 
if i did a cat /etc/timezone on any honeypot. 
 
my other modified sebek-server now logs syslog packets from the honeypots
into 
a database. a small web-interface is included. 
 
did i broke any licence? just tell me. 
 
any questions? just ask. 
 
hope its at least a bit useful to someone. 
 
joe 

-- 
NEU: WLAN-Router für 0,- EUR* - auch für DSL-Wechsler!
GMX DSL = supergünstig & kabellos http://www.gmx.net/de/go/dsl

Current thread:

pcap log analysis Joe Hickory (Jul 19)
- Re: pcap log analysis Elliott C. Bäck (Jul 19)
- Re: pcap log analysis Kyle Maxwell (Jul 19)
- Re: pcap log analysis Graeme Connell (Jul 19)
- Re: pcap log analysis Christian Kreibich (Jul 19)
- <Possible follow-ups>
- Re: pcap log analysis Joe Hickory (Jul 26)
- Re: pcap log analysis Joe Hickory (Jul 28)
  - Re: pcap log analysis Edward Balas (Jul 28)
- Re: pcap log analysis Joe Hickory (Jul 29)