Honeypots mailing list archives

RE: HONEYD WIN32 SCRIPTS

From: "Roger A. Grimes" <roger () banneretcs com>
Date: Mon, 7 Mar 2005 19:30:51 -0500

I can't tell exactly what you are asking for here.  Can you re-state
your question or send a big code snippet?

Roger

************************************************************************
***
*Roger A. Grimes, Banneret Computer Security, Computer Security
Consultant 
*CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), CEH, CHFI
*email: roger () banneretcs com
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by
O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
************************************************************************
****

 

-----Original Message-----
From: Ksacaramel () aol com [mailto:Ksacaramel () aol com] 
Sent: Monday, March 07, 2005 12:18 PM
To: honeypots () securityfocus com
Subject: HONEYD WIN32 SCRIPTS

hey people, 

i was wondering if anyone is familiar with honeyd win 32 and knew which
script i can find the point where the logging activity takes place. 

i.e. the point where it says 'loop to check if malicious activity is
taking place. if malicious activity takes place, log the activity' in
program code.lool.


thanks for your help

Current thread:

HONEYD WIN32 SCRIPTS Ksacaramel (Mar 07)
- <Possible follow-ups>
- RE: HONEYD WIN32 SCRIPTS Roger A. Grimes (Mar 07)