Re: honeynet as a virtual appliance

[George <george.p123 () gmail com>]

On 11/11/06, ROPERT François <Francois.ROPERT () supinfo com> wrote:
> Hi,
>
> In my opinion, it's useless, as you said it, there a ton of tutorials about
> building virtual machines and people are free to do what they want with
> their tools.
> I see no need that the honeynet project lost time with this, people like you
> by example, can already do it.
> If you look at Linux distributions, many livecd are know used with knoppix
> by many free users without the approval of a specific project.

  It's not about the approval of a specific project. I belive that a
virtual appliance can help to a faster development. It's much faster
and easier to insert a new application on a virtual machine that is
allredy up then provide a rpm for roo cdrom. Also, i think bug fixing
it's also much easier.

 Don't get me wrong, i believe that roo CDROM is a great project. I
just think that virtual appliances are easier to maintain and it's
easier to extend.





> Where the virtual appliance can be usefull is the theory of that users like
> debugging or find vulns in a virtual machine but I'm not conveinced you have
> to wait honeynet project to make on yourself, many tools are simply added in
> ROO honeywall by example, you can test them without a ROO installation.
>
>
> Cheers,
>
> SUPINFO
>
> SLA - SUPINFO Laboratories
> Cisco Lab.
> Ecole Supérieure d'Informatique
> Paris Academy Of Computer Science
> 23, rue Château Landon
> F-75010 Paris - France  François Ropert
> Cisco Lab. Coordinator
> Tel: +33 (0) 1 53359700
> Fax: +33 (0) 1 53359701         http://www.supinfo.com
> http://www.labo-cisco.com
>
> -----Message d'origine-----
> De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] De
> la part de George
> Envoyé: samedi 11 novembre 2006 11:45
> À: honeypots () securityfocus com
> Objet: honeynet as a virtual appliance
>
> Hello!
> I was thinking that it wold be nice if the Honeynet wold be also
> distributed as a Virtual Appliance. VMWare player is free and there
> are a lot of tutorials on the internet about building a virtual
> machine with open source software.
> In the perspective of an open CVS, users can port honeynet
> applications on favorite Linux distribution and share it with the
> others. Also, with a virtual appliance, a lot of unexpected behavior
> of software could be removed. What do you say?
>
> Best regards,
> George
>
> ---------------------------------
>
> Ce message et toutes les pieces jointes (ci-apres dénommé le "message") sont etablis a l'attention exclusive de ses destinataires et sont donc confidentiels. Si 
> toutefois vous recevez ce message par erreur, nous vous remercions de bien vouloir le detruire et d'en avertir immediatement l'expediteur au sein de l'Ecole Supérieure 
> d'Informatique de Paris (ci-après dénommée "SUPINFO"). Toute utilisation de ce message non conforme a sa destination, toute diffusion ou toute publication, totale ou 
> partielle, est interdite, sauf autorisation expresse. Internet ne permettant pas d'assurer l'integrite des messages e-mail en général et donc de ce message en particulier, 
> SUPINFO et ses filiales, sites régionaux, laboratoires ou autres entités attachées, declinent toute responsabilite au titre du présent message qui ne pourrait engager que son auteur et 
> non SUPINFO et seulement dans l'hypothese ou le message n'aurait pas ete modifie par quelque moyen que ce soit.
>
> ---------------------------------
>
> This message and any attachments (hereinafter referred to as the "message") is intended solely for the addressees and is 
> confidential. If you receive this message in error, please delete it and immediately notify the sender at Paris Academy of Computer Science 
> (hereinafter referred to as "SUPINFO"). Any use not in accord with its purpose, any dissemination or disclosure, either whole or 
> partial, is prohibited except formal approval. Because the internet can not guarantee the integrity of this message, SUPINFO and its 
> subsidiaries, laboratories and regional branches will not therefore be liable for the message that could only engage his author, not 
> SUPINFO, and only if not modified.
>
> ---------------------------------