Projects / Tiny Honeypot / Comments

Comments for Tiny Honeypot

01 Aug 2002 13:28 bschnzl

The perfect IDS spice
This package is perfect for those who are not intimately familiar with packet bits and c source code. The listener is just that, a listener. The responses are there to illicit a further degree of attacker activity without actually running the service. Attackers won't know what they're hitting until they've tipped their hands!

What does this do for you? If you want to understand more about network shenanigans, this will lay bare RPC and FTP attacks. It's in PERL, so if you want more services, grab an RFC and write it! A CAVEAT! If you're running a production network, think long and hard before putting this up! If you are not comfortable that your IDS is showing you everything, don't even think about it! Just say no!!!!

If you are still here, that means you know what xinetd and iptables do, can analyze their settings, and have them working. Open this in a test directory, and check out what it does first! You may have to manually add some rules, or adjust some services. Do it, and enjoy watching the script kiddies bounce off your walls.


Project Spotlight


An open, cross-platform journaling program.


Project Spotlight


A scientific plotting package.