Honeypots
botnet logs Nov 15 2008 12:20PM
Nathan (nathan trav gmail com) (2 replies)
Re: botnet logs Nov 17 2008 09:40AM
Gabriele Zanoni (gabrieleml securenetwork it)
Re: botnet logs Nov 17 2008 03:51AM
Valdis Kletnieks vt edu (1 replies)
Re: botnet logs Nov 17 2008 03:31PM
Nathan (nathan trav gmail com)
Hello!

I don't really get this part. If the host pc you are running honeyd on
it is infected, how can you benefit from this with your honeyd? It's
okay to monitor your pc's traffic, and control the outgoing malicious
packets, but where honeyd comes in? The only thing i can think of, to
watch the malware trying to spread through the virtual hosts generated
by honeyd.

Thanks,
Nate

Valdis.Kletnieks (at) vt (dot) edu [email concealed] wrote:
> 2) The honeyd is running on a host that's part of a botnet. For this to
> happen, first it has to be botted into the net - and then the owners of the
> honeyd have to allow it to participate in the attack, which is somewhat
> morally ambiguous (unless you let it attack but then firewall off the
> attack packets along the way).
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus