Honeypots mailing list archives
Re: Honeyd for Windows
From: "Biju Thomas" <biju.thomas.m () gmail com>
Date: Fri, 18 Aug 2006 13:50:47 -0400
Hi , Thankyou for the responses. I have got a fair idea about the honeypot solutions available. I tried out KFSensor on Windows XP and installed Honeyd1.5a on a RHEL 3.0 machine both with the default configurations. I will now explore the advanced features. I will also try out honeybot and Specter. I went through tracking-hackers.com, and the mailing lists at honeyd site. Is there any suggestion for other disscussion forums available for the honeypot technology. Thanks, Biju On 8/18/06, James Chamberlain <jchamberlain () isac-usa com> wrote:
Another Windows Honeypot is Specter. They have a $200 R&D version. Jim Chamberlain On Aug 17, 2006, at 2:11 PM, Roger A. Grimes wrote: In all reality, Honeyd for Windows doesn't really work anymore. Michael Davis did us a great service by porting it from Linux to Windows back in the day, but since then it has been nearly a dead project. It doesn't work well on Windows at all, has major routing issues, etc. My book, Honeypots for Windows, has a few chapters on it. I loved it. But, yes, it's time to use Honeyd on Linux or BSD if you've got the skills. It works great there. Or try Kfsensor or PatriotBox instead. KFSensor is the best Windows honeypot on the market, although a bit pricy for the casual user. It's a great eval though. And try any of the excellent honeypot discussion sites to find dozens of other free honeypots to play with. Roger ***************************************************************** *Roger A. Grimes, InfoWorld, Security Columnist *CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada... *email: roger_grimes () infoworld com or roger () banneretcs com *Author of Professional Windows Desktop and Server Hardening (Wrox) *http://www.amazon.com/gp/product/0764599909 ***************************************************************** -----Original Message----- From: Thorsten Holz [mailto:thorsten.holz () gmail com] Sent: Thursday, August 17, 2006 4:45 AM To: honeypots () securityfocus com Subject: Re: Honeyd for Windows On 8/17/06, Biju Thomas <biju.thomas.m () gmail com> wrote: > I am new to Honeypot technology. After reading through honeypot > related literature, I wanted to try some hands-on. I decided to try > out honeyd for Windows. The papers suggested that honeyd for windows > can be downloaded from > http://www.securityprofiling.com/honeyd/honeyd.shtml Honeyd for Windows has not been updated for a long time, the currently available version is 0.5a. Honeyd for Linux/*BSD is already at version 1.5a. So I would strongly suggest to try the Linux/*BSD version... > However this link seems to be not responding. Is there any other place > from where I can download honeyd for Windows. You could try http://www.datanerds.net/~mike/binaries/ Cheers, Thorsten
Current thread:
- Honeyd for Windows Biju Thomas (Aug 16)
- Re: Honeyd for Windows Thorsten Holz (Aug 17)
- RE: Honeyd for Windows Roger A. Grimes (Aug 17)
- Re: Honeyd for Windows James Chamberlain (Aug 18)
- Re: Honeyd for Windows Biju Thomas (Aug 18)
- Re: Honeyd for Windows Thorsten Holz (Aug 18)
- RE: Honeyd for Windows Roger A. Grimes (Aug 17)
- Re: Honeyd for Windows Thorsten Holz (Aug 17)