| Title | Contributor | Date | Description | Rating |
|---|---|---|---|---|
| Fun things to do with a Honeypot | Alberto Gonzalez & Jason Larsen | 05/10/03 | Fun things to do with honeypots. Discussed are techniques that can be used to create an environment that keeps a hacker's interest piqued in your honeypot, and how to extract the maximum amount of data from them. | 9 |
| Honeynet: Recent Attacks Review | Anton Chuvakin | 27/07/03 | Attempts to informally summarize what was happening to an exposed Linux machine connected to the Internet. | 8 |
| Building a GenII Honeynet Gateway | Diego González Gómez | 28/12/04 | This is a short guide to building a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips. This document does not explain the only way to install a Honeywall. It can be installed and configured using other tools, accomplishing the same objectives. | 9 |
| Installing a Virtual Honeywall using VMware | Diego González Gómez | 01/01/05 | The Honeywall CDROM makes the implementation of a GenII Honeynet Gateway easier. Furthermore, if it is installed on a virtual machine, it will also include the many advantages that a virtual machine environment offers. This paper therefore explains how to go about configuring VMware to deploy a Honeywall. | 7 |
| Creating a Virtual HoneyNet | Hihsam Kotry | 06/09/02 | Step-by-step process of creating a virtual honeynet on a Linux system. | 8 |
| Know Your Enemy: Sebek2 | Honeynet Project Team | 07/10/03 | A detailed look into one of the Honeynet Project's most powerful tools for capturing all of an attacker's activity on a honeypot, even encrypted activity, such as SSH, burneye, and IPSec. This paper covers what Sebek is, its value, how it works, and how to analyze data recovered by Sebek. | No votes |
| Honeynets in Universities | Honeynet Project Team | 09/05/04 | The purpose here is to help academic organizations deploy honeynets in .edu environments and to show their potential value to faculty, staff, and students. | No votes |
| Know Your Enemy | Lance Spitzner | 06/09/02 | The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can better protect your systems and network. | 6 |
| Know Your Enemy II | Lance Spitzner | 06/09/02 | How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. | 5 |
| Know Your Enemy III | Lance Spitzner | 06/09/02 | What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes step by step through a system that was compromised, with system logs and keystrokes to verify each step. | 5 |
| Know Your Enemy: Honeynets | Lance Spitzner | 06/09/02 | This paper focuses on what a honeynet is, its value to the security community, how it works, and the risks/issues involved. This paper has been updated to include GenI, GenII, and Virtual Honeynet technologies. | 5 |
| How To Build A Honeypot | Lance Spitzner | 06/09/02 | What a honeypot is and how to build one. | 8 |
| Honeypots: Definitions and Value of Honeypots | Lance Spitzner | 06/09/02 | This paper discusses the definitions and value of honeypots. It also covers various honeypot solutions you can download and try on your own. | 5 |
| Honeypots: Tracking Hackers - The Value of Honeypots | Lance Spitzner | 02/10/02 | Honeypots have certain advantages and disadvantages that affect their value. This excerpt from Lance Spitzner's book (Honeypots: Tracking Hackers) examines those advantages and disadvantages more closely. Also covered are the differences between production and research honeypots and their respective roles. | 8 |
| Open Source Honeypots: Learning with Honeyd | Lance Spitzner | 17/03/03 | Brief introduction to the concepts of honeypots and their value, plus detail on how one such honeypot, Honeyd, works and how to deploy one. | 9 |
| Open Source Honeypots, Part Two: Deploying Honeyd in the Wild | Lance Spitzner | 19/03/03 | This is the second part of a three-part series looking at Honeyd, an open source solution that is excellent for detecting attacks and unauthorized activity. Honeyd is configured and deployed on the big, scary Internet for one week, then analyzed on how it performed and what it discovered. | No votes |
| Honeypots - Definitions and Value of Honeypots...updated! | Lance Spitzner | 03/06/03 | Lance Spitzner writes: 'Last year I attempted to define and describe what honeypots are in the paper 'Honeypots: Definitions and Values'. Since then, both honeypot technologies, and our understanding of them, has dramatically changed. As such, I've totally re-written the paper to better reflect the flexibility and capabilities of honeypots.' | 8 |
| Improving the Effectiveness of Deceptive Honeynets through an Empirical Learning Approach | Nirbhay Gupta | 19/10/03 | Examines the theory and background to the research into producing an effective deception-based honeypot system. | 9 |
| GenII Data Control for Honeynets: Understanding and Building Snort-Inline Data Control | Richard La Bella | 16/02/03 | What GenII data control is, its purpose, and its value. Also included is a mini HOWTO for building a Snort-Inline data control system. | 9 |
| Incident Analysis of a Compromised RedHat Linux 6.2 Honeypot | Stephen Holcroft | 02/07/03 | A complete analysis of an attack on a RedHat Linux 6.2 honeypot. | 10 |
| Design Of A Default Redhat Server 6.2 Honeypot | Stephen Holcroft | 16/07/03 | This paper is a description of how the author designed and implemented a honeypot system on Redhat Server 6.2. | 9 |
| If you go down to the Internet today – Deceptive Honeypots | Suen Yek | 03/10/03 | This is preliminary research into the effectiveness of deceptive defensive measures, in particular honeypots that use deceit as a primary defensive and offensive mechanism. | 10 |

Honeypots - Community Contributions

| Title | Contributor | Date | Description | Rating |
|---|---|---|---|---|
| Reverse Honey Trap | Aditya Sood | 06/04/10 | Aditya Sood and Rohit Bansal contribute this paper, which looks into striking inside antivirus engines and analyzers. | 8 |
| How to build and use a Honeypot | Ed Sutton | 02/12/05 | Ed Sutton submits this quick introduction to honeypots and honeynets and provides results of his deployment and what he experienced. | 9 |
| Honeypots Deployed | Eddie Bibbs | 18/04/06 | In this paper, Eddie Bibbs discusses deployment scenarios for honeypots. | 5 |
| Detecting Botnets Using a Low Interaction Honeypot | Jamie Riden | 23/03/06 | Jamie Riden describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. | 8 |
| Honeypots Revealed | Mohamed Noordin Yusuff | 11/10/04 | Defines honeypots and lists the different types with the pros and cons of each, deployment strategies, and legal issues. | 9 |
