Home > Hacking > Server Hacking



The Honeypot

Sort Desciption:

Design Of A Default Redhat Server 6.2 Honeypot Stephen Holcroft, April 2002 Introduction The following ... wanted was my honeypot being used as a launching pad for a denial of service attack, scan, hack ...



Content Inside:

Design Of A Default Redhat Server 6.2 Honeypot Stephen Holcroft, April 2002 Introduction The following paper is a description of how I have designed and implemented a honeypot system. The paper describes how the honeypot is used to capture data in layers using different techniques. The aim of the honeypot is to discover the techniques and tactics used by blackhats (hackers) to compromise computer systems. The methods used are similar to the methods used by the Honeynet Project . The Honeypot This particular honeypot used a default server installation of RedHat 6.2. I wanted to emulate the type of systems out there in the wild now and also give the blackhat a reasonable chance of success. There would be little point in setting up a RedHat 7.2 system with all the latest patches for my first attempt as I would be waiting a while for the compromise. I had recently asked a sysadmin I knew for a RedHat CD and they gave me version 6.2, so this seemed to be a reasonable representation of what was out there. The IP address of the honeypot was not advertised anywhere, there was also no DNS name associated with the IP so there was no reason for anyone to express any interest in the system (in theory!). The honeypot I used sat on a network with 2 other machines. The following is a simple diagram of the network, the real IP addresses have been replaced with private addresses to preserve the identity of the honeypot: - of 6 Design Of A Default Redhat Server 6.2 Honeypot 12/11/2003 http://www.holcroft.org//honeypot/Honeypot -Design/sholcroft-4-2002.html The firewall is a Windows NT machine running Checkpoint FW-1, this machine controlled who had access to which parts of the network. The set-up is very simple: - allow anyone to connect to the firewall and log of 6 Design Of A Default Redhat Server 6.2 Honeypot 12/11/2003 http://www.holcroft.org//honeypot/Honeypot -Design/sholcroft-4-2002.html I was a bit conce ...

Source: www.gosecure.ca


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us
Search Terms:

 

Related Files

Vlandriks Ultimate Guide - Hacking Source Forum

Filed under: Hacking and Server Hacking
Sideshow ( Log Out ) Options Aug 13 2006, 08:54 PM My Controls · View New Posts · My Assistant Hacking Source Forum » World of Warcraft » World of Warcraft Server Emulation Vlandriks Ultimate Guide ...

Hacking Techniques

Filed under: Hacking and Server Hacking
Hacking Techniques. Network based System Hacking. Web Server Hacking. Physically enter the Target Building. WLAN (Wireless LAN) Hacking ...

Web Hacking

Filed under: Hacking and Server Hacking
This labs focus will in be web server hacking. Web server hacking refers to attackers. taking advantage of vulnerabilities inherent to the web server ...

Hacking SQL Server

Filed under: Hacking and Server Hacking
Hacking / Hacking Exposed Windows Server 2003: Windows Security Secrets & Solutions / Scambray ...... some of the tools of the trade in SQL Server hacking. ...

Real Time Hacking : ISA Server

Filed under: Hacking and Server Hacking
This case study is entirely based on my hacking experiences with Microsoft ISA Servers.It gives you. people with the way to get related to the ISA server ...