Monkey.org Developments
Honeyd Mailing List: honeynet/honeyd presentation

Support Honeyd

Search:
Keywords:

Search Amazon

 
 

honeynet/honeyd presentation

From: Niels Provos <provos_at_citi.umich.edu>
Date: Thu, 17 Jul 2003 23:28:17 -0400

Hi,

I just finished giving a presentation on the Honeynet Project and
Honeyd in particular at the Lockdown'03 conference. Lance thought
that you guys might find the slides of interest. They can be found at

  http://www.citi.umich.edu/u/provos/papers/honeynet/

The talk reflects some of the recent Honeyd improvements.

At LSM2003, I have been using it to create a wireless honeypot in a
lecture hall that was otherwise without network. I created a fake
Internet topology making the whole Internet address space available in
a single machine. Internet in the box so to say.

The configuration was very simple:

  Port 53 was running a DNS resolver that resolved any name to its MD5
  hash. Accessing a web page on any server would result in the
  program schedule. Mail was queued and a SSH server was running,
  too. It is amazing how many people provide their login and password
  even after they were warned about a changed host key.

People might be interested in another use of Honeyd: In classrooms to
provide Internet simulations to students. That way students can study
the effect of latency and packet loss on connections with a central
machine that they hook their laptops into.

Let me know about comments and questions.

Niels.
Received on Fri Jul 18 2003 - 10:31:11 PDT

Search For Information
Google
Search WWW Search www.honeyd.org

NB: This is a filtered version of the Honeypots mailing list. Only posts that concern Honeyd are shown here. For more recent discussions visit the forums.