Honeypots Mode:
(Page 13 of 109)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >
RE: honeywall/pot on same host 2006-09-27
William Woodhams (William Woodhams wegmans com)
I personally prefer having it on two different systems. Reason being I
can monitor both of them separately and if I need to I can restart my
honeywall without having to affect my honeypot itself. Also it allows
me to report on if the honeywall was breached only or if someone
actually got into the

[ more ]  [ reply ]
honeywall/pot on same host 2006-09-27
Mike Gilligan (mikewgilligan hotmail com) (1 replies)
Hi list
Could anyone weight in on or point me to a resource which confirms whether a
single host can be used for the honeywall and honeypot systems or if it is
recommended to have separate physical machines for each and why.
thanks,
Mike.

__________________________________________________________

[ more ]  [ reply ]
Re: honeywall/pot on same host 2006-09-27
David Watson (david honeynet org uk)
[Call for Papers] DIMVA 2007 2006-09-21
Robin Sommer (info dimva org)
Dear Colleagues,

please find attached the Call For Papers for DIMVA 2007, the Fourth
GI International Conference on Detection of Intrusions & Malware,
and Vulnerability Assessment; which is to be held in Lucerne,
Switzerland, July 12-13, 2007. Complete information is available at
http://www.dimva.o

[ more ]  [ reply ]
honeytokens in databases 2006-09-18
gvij2000 yahoo com (1 replies)
hi

I would like some guidance in creating and deploying honeytokens.

1.Coming up with honeytoken data that would interest hackers.

2.How and where do I place the data so that I can monitor hackers.

best

vijay

[ more ]  [ reply ]
Re: honeytokens in databases 2006-09-18
Valdis Kletnieks vt edu
collecting spyware with a honeypot 2006-09-16
George (george p123 gmail com) (4 replies)
Hello!
I wold like to setup a honeypot for collecting spyware and adware. As
you know, spayware require user action, so i can't use the classic
honeypot method to connect it on the internet and let the "bad guys"
attack it.

I google a little bit on this project and i didn't find a point of
starting

[ more ]  [ reply ]
Re: collecting spyware with a honeypot 2006-09-18
mat (mrowley esoft com)
Re: collecting spyware with a honeypot 2006-09-18
Tillmann Werner (tillmann werner gmx de)
Re: collecting spyware with a honeypot 2006-09-18
Jamie Riden (jamesr europe com) (2 replies)
Re: collecting spyware with a honeypot 2006-09-18
Kathy Wang (knwang synacklabs net)
Re: collecting spyware with a honeypot 2006-09-18
George (george p123 gmail com)
RE: collecting spyware with a honeypot 2006-09-18
Robert D. Holtz - Lists (robert d holtz gmail com)
CFP - 4th Australian Digital Forensics Conference 2006-09-17
Craig VALLI (c valli ecu edu au)

4th Australian Digital Forensics Conference
4-5th December, 2006, Edith Cowan University,
Perth Western Australia
http://scissec.scis.ecu.edu.au/conferences2006/

A reminder that paper submissions close for the conferences on the 1st
October. All of the details can be found on the above link. Pl

[ more ]  [ reply ]
Use of pcap_api.pl 2006-09-13
Leonard Kwan (electron-asx optusnet com au) (1 replies)
Hi,

I was wondering whether someone could let me know how to use the
pcap_api.pl?

Basically I am trying to get the packet captures that the honeywall records.
I would then like to load these into a database for the purposes of data
mining.

From what I've been able to gather from the Flow.pl I ne

[ more ]  [ reply ]
Re: Use of pcap_api.pl 2006-09-15
Camilo Viecco (cviecco indiana edu)
Re: Walleye not displaying Sebek3 data 2006-09-03
wbmccarty gmail com
I don't have difficulty viewing Sebek3 data using Walleye. I had a honeypot compromised by badguys using an SSH password-guessing tool and was able to follow their BASH session flawlessly.

Are you clicking the magnifying glass icon of connections you suspect may contain keystroke data? If so, co

[ more ]  [ reply ]
Re: Walleye not displaying Sebek3 data 2006-09-01
obichbiche googlemail com
Hi Cindy,

I suggest you export the pcap file to Ethereal and depict any sebeked information from there.

Omar Bichbiche

[ more ]  [ reply ]
Walleye not displaying Sebek3 data 2006-08-31
Cindy Jenkins (cj u washington edu)
Well, since I posted this question, I still have had no luck on
solving this issue. Does anyone have Sebek3 under Walleye functioning
correctly?

I have discovered how to manually wipe the walleye database to clear
the sensor data, and can manually extract the data from walleye_0_3/
sys_read/

[ more ]  [ reply ]
FW: Snort-Inline not working 2006-08-23
Ian J. Hudson (ihudson waspc org)
Below is what I've encountered I'm really trying to get this to work,
not sure what went wrong.

Regards,
Ian J Hudson
IT Systems Specialist
WASPC
ihudson (at) waspc (dot) org [email concealed]
360.486.2380
>>
>> Sorry to bug you. With the Honeywall I've been able to see
stuff
>> happening with DNS externally, but I can

[ more ]  [ reply ]
Honeywall ROO default 2 sensors? 2006-08-17
mat (mrowley esoft com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does the roo honeywall from honeynet.org by default create 2 sensors? I
dont see why this would be necessary, but it did that for me. Is this
an error on my part? Did I do something wrong? I had installed and
reinstalled roo a few times to get the har

[ more ]  [ reply ]
Sebek 3 not reporting data details to Walleye 2006-08-16
Cindy Jenkins (cj u washington edu)
Hello all,

I have been trying to track the issue down and cannot find any
information on this problem online.

Environment:
Hwall server ROO hw1.0-189
Honeypots: FC3 2.6, Win2KPro, WinXP, Mac OS X
Syslog server: FC3 log server
Software: Sebek 3.03l server and clients, 2.6 kernel on FC3 client

Pr

[ more ]  [ reply ]
(Page 13 of 109)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus