Hi.
If I am an attacker - is there anyway to fingerprint it and know that it's
not a server and it's a just a honeypot ...
Yes, there are methods to do this.
My problem is that depending on the already known versions of the honeypots
and honeynets software - the attackers will always be able to identify them
and thus avoid doing any activities on them ...
It makes an attack several times difficult and sophisticated. The task
of security is not to make an attack impossible (because it is
impossible), but to make it harder as much as possible.
2008/1/18, m.farid.shawara@gmail.com <m.farid.shawara@gmail.com>:
Thanks for all of you ...
When I said Alerting I meant that I should be able to sense the attack when
it happens.
Another question :
If I am an attacker - is there anyway to fingerprint it and know that it's
not a server and it's a just a honeypot ...
My problem is that depending on the already known versions of the honeypots
and honeynets software - the attackers will always be able to identify them
and thus avoid doing any activities on them ...
Thanks ,,,
-----Original Message-----
From: pinowudi [mailto:pinowudi@gmail.com]
Sent: Friday, January 18, 2008 4:44 AM
To: m.farid.shawara@gmail.com
Subject: Re: Honeypot Server
honeypots are not for alerting. they are for researching the unknown.
Look to snort or a nids for your requirements.
m.farid.shawara@gmail.com wrote:
Dear All :
Can you advise what is the best honeypot server available
Open-source or commercial - it doesn't matter as long as it will be easy
to
administrate and easy to monitor and alerted ...
Mohamed Farid ...
--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
