Prot probes

Barnett, Blake bbarnett@bloodsystems.org
Fri, 7 Jul 2000 11:31:38 -0700


Haha... What a great idea.  I've gotta try that.

*  Blake


-----Original Message-----
From: rleonard [mailto:rleonard@aprnet.com]
Sent: Friday, July 07, 2000 11:35 AM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: Prot probes


I thought this was a great scenario, using vmware as a honeypot by
simulating a whole network using nothing but 1 machine and multiple virtual
machines with different O/S's

http://www.vmware.com/solutions/scenarios/security.html

-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Trent
Shipley
Sent: Friday, July 07, 2000 10:34 AM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: Prot probes




If you can afford it, you can always leave a honey pot.  Set up a machine
that is not protected, log all transactions to tape . . .

> -----Original Message-----
> From: plug-discuss-admin@lists.PLUG.phoenix.az.us
> [mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of
> Barnett, Blake
> Sent: Friday, July 07, 2000 9:37 AM
> To: 'plug-discuss@lists.PLUG.phoenix.az.us'
> Subject: RE: Prot probes
>
>
> Another fun trick is to download or create a simple logging daemon that
> listens to a port and finds out exactly what they are probing for...
> attrition.org has one...
>
> *  Blake
>
>
>


_______________________________________________
Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


_______________________________________________
Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss