|
|
| Title |
Contributor |
Date |
Description |
Rating |
|
Fun things to do with a Honeypot |
Alberto Gonzalez & Jason Larsen |
05/10/03 |
Fun things to do with honeypots. Discussed are techniques that can be used to create an environment that keeps a hacker’s interest piqued in your honeypot, and how to extract the maximum amount of data from them. |
9 |
|
Honeynet: Recent Attacks Review |
Anton Chuvakin |
27/07/03 |
Attempts to informally summarize what was happening to an exposed Linux machine connected to the Internet. |
8 |
|
Building a GenII Honeynet Gateway |
Diego González Gómez |
28/12/04 |
This is a short guide to building a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips. This document does not explain the only way to install a Honeywall. It can be installed and configured using other tools, accomplishing the same objectives. |
9 |
|
Installing a Virtual Honeywall using VMware |
Diego González Gómez |
01/01/05 |
The Honeywall CDROM makes the implementation of a GenII Honeynet Gateway easier. Furthermore, if it is installed on a virtual machine, it also gains the many advantages that a virtual machine environment offers. This paper therefore explains how to configure VMware to deploy a Honeywall. |
7 |
|
Creating a Virtual HoneyNet |
Hihsam Kotry |
06/09/02 |
Step by step process of creating a virtual honeynet on a Linux system |
8 |
|
Know Your Enemy: Sebek2 |
Honeynet Project Team |
07/10/03 |
A detailed look into one of the Honeynet Project's most powerful tools for capturing all of an attacker's activity on a honeypot, even encrypted activity, such as SSH, burneye, and IPSec. This paper covers what Sebek is, its value, how it works, and how to analyze data recovered by Sebek. |
No votes |
|
Honeynets in Universities |
Honeynet Project Team |
09/05/04 |
The purpose here is to help academic organizations deploy honeynets in .edu environments and to show their potential value to faculty, staff, and students. |
No votes |
|
Know Your Enemy |
Lance Spitzner |
06/09/02 |
The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can better protect your systems and network. |
6 |
|
Know Your Enemy II |
Lance Spitzner |
06/09/02 |
How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. |
5 |
|
Know Your Enemy III |
Lance Spitzner |
06/09/02 |
What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that was compromised, with system logs and keystrokes to verify each step. |
5 |
|
Know Your Enemy: Honeynets |
Lance Spitzner |
06/09/02 |
This paper focuses on what a honeynet is, its value to the security community, how it works, and the risks/issues involved. This paper has been updated to include GenI, GenII, and Virtual Honeynet technologies. |
5 |
|
How To Build A Honeypot |
Lance Spitzner |
06/09/02 |
What a honeypot is & how to build one |
8 |
|
Honeypots: Definitions and Value of Honeypots |
Lance Spitzner |
06/09/02 |
This paper discusses the definitions and value of honeypots. It also covers various honeypot solutions you can download and try on your own. |
5 |
|
Honeypots: Tracking Hackers - The Value of Honeypots |
Lance Spitzner |
02/10/02 |
Honeypots have certain advantages and disadvantages that affect their value. This excerpt from Lance Spitzner's book (Honeypots: Tracking Hackers) examines those advantages and disadvantages more closely. Also covered are the differences between production and research honeypots and their respective roles. |
8 |
|
Open Source Honeypots: Learning with Honeyd |
Lance Spitzner |
17/03/03 |
Brief introduction to the concepts of honeypots and their value, plus detail on how one such honeypot, Honeyd, works and how to deploy one. |
9 |
|
Open Source Honeypots, Part Two: Deploying Honeyd in the Wild |
Lance Spitzner |
19/03/03 |
This is the second part of a three-part series looking at Honeyd, an open source solution that is excellent for detecting attacks and unauthorized activity. Honeyd is configured and deployed on the big, scary Internet for one week then analyzed on how it performed and what it discovered. |
No votes |
|
Honeypots - Definitions and Value of Honeypots...updated! |
Lance Spitzner |
03/06/03 |
Lance Spitzner writes: 'Last year I attempted to define and describe what honeypots are in the paper 'Honeypots: Definitions and Values'. Since then, both honeypot technologies, and our understanding of them, have dramatically changed. As such, I've totally re-written the paper to better reflect the flexibility and capabilities of honeypots.' |
8 |
|
Improving the Effectiveness of Deceptive Honeynets through an Empirical Learning Approach |
Nirbhay Gupta |
19/10/03 |
Examines the theory and background to the research into producing an effective deception-based honeypot system. |
9 |
|
GenII Data Control for Honeynets: Understanding and Building Snort-Inline Data Control |
Richard La Bella |
16/02/03 |
What GenII data control is, its purpose, and its value. Also included is a mini HOWTO for building a Snort-Inline data control system. |
9 |
|
Incident Analysis of a Compromised RedHat Linux 6.2 Honeypot |
Stephen Holcroft |
02/07/03 |
A complete analysis of an attack on a RedHat Linux 6.2 honeypot. |
10 |
|
Design Of A Default Redhat Server 6.2 Honeypot |
Stephen Holcroft |
16/07/03 |
This paper is a description of how the author designed and implemented a honeypot system on Redhat Server 6.2. |
9 |
|
If you go down to the Internet today – Deceptive Honeypots |
Suen Yek |
03/10/03 |
This is preliminary research into the effectiveness of deceptive defensive measures, in particular honeypots that use deceit as a primary defensive and offensive mechanism. |
10 |
|
|