Honeypots mailing list archives
Re: Oracle DB honeypot?
From: "Blarnum, Seamus" <crpyt0k1d () yahoo com>
Date: Fri, 16 Jun 2006 07:50:14 -0700 (PDT)
IMHO... you will need a good cover story for your DB. Functionality and purpose is a good one. Content and traffic generation to the DB is another... If it's just sitting there with old data, hackers won't stay around. if the public view of the DB is juicy, then someone will come and take a peek at it. --- Stuart Thomas <stuartpaulthomas () gmail com> wrote:
This was one of the problems I found with my 9i OracleDB honeyDBnet project in 2003, utilising a distinct (i.e. separate from the corp owned public ip's, but interesting enough to attract the big fly's) but interesting IP segment, as well as a populated site interesting and tempting enough to be attacked. Not an uncommon problem I suspect! :-) Ronald van der Westen wrote:I dont think you want to watch whole day to anetwork sniffer :)-----Oorspronkelijk bericht----- Van: hypermodest () gmail com[mailto:hypermodest () gmail com]Verzonden: zaterdag 10 juni 2006 4:13 Aan: honeypots () securityfocus com Onderwerp: Oracle DB honeypot? Hello. Does anybody have idea how to organize Oracle DBhoneypot, to attractcrackers to Listener service, iSQL*Plus service,etc?It's easy to install Oracle DB, start networksniffer and wait, but how toattract anyone?-- Stu Thomas Freelance security consultant (UK) CISMP(ISEB), GSEC Web: http://www.ethicalhacking.us
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- Oracle DB honeypot? hypermodest (Jun 09)
- Re: Oracle DB honeypot? Krzysztof Cabaj (Jun 10)
- Re: Oracle DB honeypot? Sushant Sinha (Jun 10)
- RE: Oracle DB honeypot? Ronald van der Westen (Jun 14)
- Re: Oracle DB honeypot? Stuart Thomas (Jun 15)
- Re: Oracle DB honeypot? Blarnum, Seamus (Jun 16)
- Re: Oracle DB honeypot? Stuart Thomas (Jun 15)