Honeypots mailing list archives
RE: High interaction Windows Honeypot
From: "mnelson" <mnelson () nels-sec com>
Date: Tue, 16 Aug 2005 21:55:58 -0500
Ahmed,
You may want to look into Kfsensor for windows. It emulates Windows
enviroments and other services well. It isn't free, but is an excellent
tool.
http://www.keyfocus.net/kfsensor/
-----Original Message-----
From: Ahmed Ameen [mailto:ahmedameen () gmail com]
Sent: Sunday, August 14, 2005 5:05 AM
To: honeypots () securityfocus com
Subject: Re: High interaction Windows Honeypot
Hello all, first I would like to thank you all for the very helpful replies,
now I have a question which I have been looking for a while with no success.
Have there been any attempts to have a fully built High interaction Windows
Honeynet, in a way where no UNIX or Linux systems has been used?
And regarding the tools needed to build such a Honeynet, we already see that
Michael has promised us to have a windows version of sebek3 (server and
client) in the upcoming 2 weeks, and as for IDS we have Snort for windows.
If you know any more windows tools that would be helpful in building a High
interaction Windows Honeynet please share..
Thanks.
Current thread:
- High interaction Windows Honeypot Ahmed Ameen (Aug 08)
- Re: High interaction Windows Honeypot Thorsten Holz (Aug 08)
- <Possible follow-ups>
- RE: High interaction Windows Honeypot Stejerean, Cosmin (Aug 08)
- RE: High interaction Windows Honeypot Stejerean, Cosmin (Aug 08)
- RE: High interaction Windows Honeypot Michael A. Davis (Aug 08)
- RE: High interaction Windows Honeypot Michael A. Davis (Aug 09)
- Re: High interaction Windows Honeypot George Bakos (Aug 11)
- Re: High interaction Windows Honeypot Ahmed Ameen (Aug 12)
- RE: High interaction Windows Honeypot Michael A. Davis (Aug 12)
- Re: High interaction Windows Honeypot Ahmed Ameen (Aug 14)
- RE: High interaction Windows Honeypot mnelson (Aug 16)
- Re: High interaction Windows Honeypot Ahmed Ameen (Aug 17)
- RE: High interaction Windows Honeypot Michael A. Davis (Aug 08)