Yes,
There are tools such as "Send-Safe Honeypot Hunter". Nessus can also be
used to detect if the services running are valid. It can also be
suspicious, if you configure a fake a Trojan that was released in 1995.
Or any other anomalies that are detected when someone in penetrating
your network. I would implement a honeypot because it's fun, but not to
secure against a knowledgeable hacker.
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of m.farid.shawara@gmail.com
Sent: Friday, January 18, 2008 4:37 AM
To: security-basics@securityfocus.com
Subject: RE: Honeypot Server
Thanks for all of you ...
When I said Alerting I meant that I should be able to sense the attack
when
it happens.
Another question :
If I am an attacker - is there anyway to fingerprint it and know that
it's
not a server and it's a just a honeypot ...
My problem is that depending on the already known versions of the
honeypots
and honeynets software - the attackers will always be able to identify
them
and thus avoid doing any activities on them ...
Thanks ,,,
-----Original Message-----
From: pinowudi [mailto:pinowudi@gmail.com]
Sent: Friday, January 18, 2008 4:44 AM
To: m.farid.shawara@gmail.com
Subject: Re: Honeypot Server
honeypots are not for alerting. they are for researching the unknown.
Look to snort or a nids for your requirements.
m.farid.shawara@gmail.com wrote:
Dear All :
Can you advise what is the best honeypot server available
Open-source or commercial - it doesn't matter as long as it will be
easy
to
administrate and easy to monitor and alerted ...
Mohamed Farid ...
