Date: Wed, 28 Nov 2001 17:09:35 -0600 From: Ronald Clark <rclark@swbanktx.com> To: 'Bsd Neophyte' <bsdneophyte@yahoo.com>, freebsd-questions@freebsd.org Subject: RE: script-kiddie trap? Message-ID: <E1497354C15DD4119A5500204840E20503629043@swbtexch2.swbanktx.com>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_003D_01C1782F.744EC580 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sameer, Actually, there was a commercial software out made by NAI, and was a part of the Cybercop line. It did just as you state, created a virtual honey pot network and logged everything. I just checked their website, and I'm afraid, they stopped making this package. Is there a "free" software package that does something similar? Not that I am aware of. Most honey pots now are just some machine loaded up with a basic OS install and set out to see *when* it gets scanned, attacked, and compromised. Anyway, I hope this helps. If anyone can prove me wrong, please feel free to do so. Thanks, Ron Clark -----Original Message----- From: Bsd Neophyte [mailto:bsdneophyte@yahoo.com] Sent: Wednesday, November 28, 2001 4:39 PM To: freebsd-questions@freebsd.org Subject: script-kiddie trap? I remember something about a year or two ago. Someone designed some sort of application that acted as a psuedo-network that would trap a script-kiddie by giving them "access" to the network through something that would appear to be a hole caused by popular trojans. (long sentance I know) The false network was pretty convincing. While the intruder would poke around and cause mayhem, this tool would log everything about the person so that you could file a pretty convincing case against them. Is there anything like this that's free... better yet, included in the ports? -Sameer __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message ------=_NextPart_000_003D_01C1782F.744EC580 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIHzTCCA2Yw ggLPoAMCAQICEA2LT+6q0hhb9HVqnSnhf/swDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMx FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5 IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4MDUxMjAwMDAwMFoXDTA4MDUxMjIzNTk1OVow gcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBBIEluY29ycC4gQnkg UmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAxIENBIEluZGl2aWR1 YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwgZ8wDQYJKoZIhvcNAQEBBQADgY0A MIGJAoGBALtaRIoEFrtV/QN6ii2UTxV4NrgNSrJvnFS/vOh3Kp258Gi7ldkxQXB6gUu5SBNWLccI 4YRCq8CikqtEXKpC8IIOAukv+8I7u77JJwpdtrA2QjO1blSIT4dKvxna+RXoD4e2HOPMxpqOf2ok kuP84GW6p7F+78nbN2rISsgJBuSZAgMBAAGjgbQwgbEwEQYJYIZIAYb4QgEBBAQDAgEGMDUGA1Ud HwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTEuMS4xLmNybDBHBgNVHSAE QDA+MDwGC2CGSAGG+EUBBwEBMC0wKwYIKwYBBQUHAgEWH3d3dy52ZXJpc2lnbi5jb20vcmVwb3Np dG9yeS9SUEEwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQECBQADgYEA QnwO34x5TKy/COxNVS9QiaDFXk4uXpUym3mtZRELHEpSxNWoMSGO3hCbbAjFB+YDuefINHgJCfK8 BkL4WoyD0YreqiL12eMh0s9ljAYzsM0gsjPNCr0+4Z3BNalksKelJFvp8WjrE8R8N/SUZA2axb0z F++DM6A+5ao+rthzH60wggRfMIIDyKADAgECAhBjUTraBjT667fdsyUY+o8cMA0GCSqGSIb3DQEB BAUAMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3Qg TmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAu IEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UEAxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRp dmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3QgVmFsaWRhdGVkMB4XDTAxMTExNDAwMDAwMFoX DTAyMDExMzIzNTk1OVowggEDMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy aVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5 L1JQQSBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5ODEeMBwGA1UECxMVUGVyc29uYSBOb3Qg VmFsaWRhdGVkMScwJQYDVQQLEx5EaWdpdGFsIElEIENsYXNzIDEgLSBNaWNyb3NvZnQxEjAQBgNV BAMUCVJvbiBDbGFyazEiMCAGCSqGSIb3DQEJARYTcmNsYXJrQHN3YmFua3R4LmNvbTCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEAwq8vazqAMq2AGjFVy+bAmf7rgE4ELyMLGXjZyyyiynJAN7zT lNKy8BFAxnfX+FfBl1Oer6lv+8X4TFjZjndqgBmOwaTuxbhUkOWt3qof4kkTO6jS+QN+JwyiIlsB uHKd93sNVcOtbRG/J6JcXxI75+/m8IwAkSjWMGgytZGH0dcCAwEAAaOCAQYwggECMAkGA1UdEwQC MAAwgawGA1UdIASBpDCBoTCBngYLYIZIAYb4RQEHAQEwgY4wKAYIKwYBBQUHAgEWHGh0dHBzOi8v d3d3LnZlcmlzaWduLmNvbS9DUFMwYgYIKwYBBQUHAgIwVjAVFg5WZXJpU2lnbiwgSW5jLjADAgEB Gj1WZXJpU2lnbidzIENQUyBpbmNvcnAuIGJ5IHJlZmVyZW5jZSBsaWFiLiBsdGQuIChjKTk3IFZl cmlTaWduMBEGCWCGSAGG+EIBAQQEAwIHgDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLnZl cmlzaWduLmNvbS9jbGFzczEuY3JsMA0GCSqGSIb3DQEBBAUAA4GBAIiUvG3UARGRx+pTAvv0vBJQ QtN4IIRlPs3LSgL9LPbDkNByvmjp8aGM6ZMZOyUGviWgjMI0xHTKNDeEbjw/H6kNEVVyjJ1nwh/q ymJNIf29Ut40vqXXrX3IECKgkPXXGj2PQ2rnmvTNf+5n5AwiWHuMW+mSuJ+DmEHn0aJQZHUqMYID VjCCA1ICAQEwgeEwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQCEGNROtoGNPrr t92zJRj6jxwwCQYFKw4DAhoFAKCCAcowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMDExMTI4MjMwOTM1WjAjBgkqhkiG9w0BCQQxFgQU0d7iPBcegyMXiEdkLFDr0d+k 4VowdgYJKoZIhvcNAQkPMWkwZzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwBwYFKw4DAgcw BwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAhowBwYFKw4DAhowCgYIKoZIhvcNAgUwCgYI KoZIhvcNAgUwgfIGCSsGAQQBgjcQBDGB5DCB4TCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4x HzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5j b20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMT P1ZlcmlTaWduIENsYXNzIDEgQ0EgSW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZh bGlkYXRlZAIQY1E62gY0+uu33bMlGPqPHDANBgkqhkiG9w0BAQEFAASBgIFUFAxoLtOBCw1xXWT/ 16pSPD8qz8zDjVsEurxzO3pnFY6dSM+2MMvjg0hEPuHfy1IzxIHtqdx7h2h5K8Nl5Tb5hbZaNxYT owCDVrU8D+fQC5PXHxPyd799Qe0DC5dhdZrCehDa9ipEsakVs6Tds0eXj6RqTL0nPLaeJ/Xgp/gk AAAAAAAA ------=_NextPart_000_003D_01C1782F.744EC580-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1497354C15DD4119A5500204840E20503629043>