[Linux.com] Use HoneyD on Linux to Fool Attackers

post #1 of 18
Thread Starter 
Quote:
For the security conscious, there is always room for another weapon against attackers. Firewalls, intrusion detection systems, packet sniffers — all are important pieces of the puzzle. So too is Honeyd, the "honeypot daemon." Honeyd simulates the existence of an array of server and client machines on your network, including typical traffic between them. The phantom machines can be configured to mimic the signature and behavior of real operating systems, which will trick intruders into poking at them — and revealing themselves to your security staff.
Cool Stuff

Source
post #2 of 18
Yes this is good stuff, hmmm may have to try it myself to trap some malware "in the wild"
post #3 of 18
Thread Starter 
Quote:
Originally Posted by Mr_Torch View Post
Yes this is good stuff, hmmm may have to try it myself to trap some malware "in the wild"
Imagine all the heartache Sony would have saved if they used this.....
post #4 of 18
Imagine all the heartache Sony would have saved if their management wasn't filled with P-E chasing arsehats and actually worked to serve their customers first.....
post #5 of 18
want to play with this at school.
post #6 of 18
Honeypot software isn't new, and while it does wonders vs a single individual poking around your network, it won't even slow down a true attack; something as simple as a DDoS will take the network down regardless of honeypots (assuming a large enough botnet).
post #7 of 18
Thread Starter 
Quote:
Originally Posted by Chris++ View Post
Honeypot software isn't new, and while it does wonders vs a single individual poking around your network, it won't even slow down a true attack; something as simple as a DDoS will take the network down regardless of honeypots (assuming a large enough botnet).
The idea behind honeypot software doesn't seem to be to counter DDoS attacks, but rather intrusion attempts by people or malware. Of course a fake network of computers won't stop a botnet from crashing a server with a flood of connection requests.
post #8 of 18
Quote:
Originally Posted by Bluescreen_Of_Death View Post
The idea behind honeypot software doesn't seem to be to counter DDoS attacks, but rather intrusion attempts by people or malware. Of course a fake network of computers won't stop a botnet from crashing a server with a flood of connection requests.
Also depends on the type of DDoS attack. Also, if the information is not readily available, they need a way to find the information before they can really do any damage, so a honeypot would be a good first start in combination with a good IDS/IPS.

If they are just trying to flood a network, a good IPS will stop that fast. If they are targeting a specific application or server, a honeypot will make it difficult, and an IDS with proper rules will automatically alert an IPS to ban the offending IP. They would have to be very clever to get around this.
post #9 of 18
Meh. Doesn't make me feel warm inside.
post #10 of 18
Wow, that's cool.

I guess this is a breakthrough for servers.