From owner-freebsd-questions Wed Nov 28 15: 7:21 2001 Delivered-To: freebsd-questions@freebsd.org Received: from molly.intercom.net (molly.intercom.net [216.240.106.84]) by hub.freebsd.org (Postfix) with ESMTP id 403F537B417 for ; Wed, 28 Nov 2001 15:07:17 -0800 (PST) Received: from cross (hh1108173.direcpc.com [206.71.108.173]) by molly.intercom.net (8.12.1/8.12.1) with SMTP id fASN7rm4019534; Wed, 28 Nov 2001 18:07:56 -0500 (EST) Message-ID: <012701c17861$3dfb6150$0273150a@woodstock.lanalyse.com> From: "Ron Hensley" To: "Anthony Atkielski" , "Bsd Neophyte" , References: <20011128223859.30465.qmail@web20103.mail.yahoo.com> <013a01c1785e$f206b7b0$0a00000a@atkielski.com> Subject: Re: script-kiddie trap? Date: Wed, 28 Nov 2001 18:05:47 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Actually the software _can_ be special, as in logind, telnetd, sshd, tcsh, sh, etc having the source modified to do extreme logging, invisibly, as well as to trip alarm bells and the like. Anyways, here's a link (search google on hoenypoot, first hit) http://www.enteract.com/~lspitz/honeypot.html that lists commercial as well as homebrew honeypot solutions > Perhaps you're thinking about "honeypots," real systems operated normally but > closely monitored with the specific purpose of inviting attention from script > kiddies and other dregs. There isn't anything special about the software they > run; they are just very closely watched by the honeypot operators. But what > would be the utility of such a system for you? They don't keep crackers > out--quite the contrary. > > > The false network was pretty convincing. While the intruder would poke > > around and cause mayhem, this tool would log everything about the person > > so that you could file a pretty convincing case against them. > > -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBPAVtylFb04N5DzUjEQIz9ACg7AGgIc1s5IzpQvuM0YCXWLUzhAkAnjQz skxKQlOPhpl6EMznKo/M4wWA =n5xT -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message