Honeypots mailing list archives
Re: Oracle DB honeypot?
From: Sushant Sinha <sushant () umich edu>
Date: Sat, 10 Jun 2006 08:58:35 -0400
You do not want to attract *anyone*. Rather you want to attract the hacker. Since a client server model requires client to discover the service before connecting, you can only advertize your service in such a way that only hackers will access it. This is not easy and I do not know of a general way until and unless services become first class objects on the Internet and there is an infrastructure for service discovery. For now I will say, place your honeypot/service close to the production services. -Sushant. On Friday 09 June 2006 10:12 pm, hypermodest () gmail com wrote:
Hello. Does anybody have idea how to organize Oracle DB honeypot, to attract crackers to Listener service, iSQL*Plus service, etc? It's easy to install Oracle DB, start network sniffer and wait, but how to attract anyone?
Current thread:
- Oracle DB honeypot? hypermodest (Jun 09)
- Re: Oracle DB honeypot? Krzysztof Cabaj (Jun 10)
- Re: Oracle DB honeypot? Sushant Sinha (Jun 10)
- RE: Oracle DB honeypot? Ronald van der Westen (Jun 14)
- Re: Oracle DB honeypot? Stuart Thomas (Jun 15)
- Re: Oracle DB honeypot? Blarnum, Seamus (Jun 16)
- Re: Oracle DB honeypot? Stuart Thomas (Jun 15)