What are the risk of opening a box on then net to use as a honeypot for testing/learning? As in, would it be easy for a "hacker/script kiddie" to take the box and use it to hack the NSA and blame me ;-)
I was thinking of using honeyd:
http://dag.wieers.com/packages/honeyd/
http://www.citi.umich.edu/u/provos/honeyd/
Anyone recommend any good books for honeypots, I have found the following on amazon.com
Honeypots: Tracking Hackers Know Your Enemy : Learning about Security Threats (2nd Edition) Network Intrusion Detection (3rd Edition)
I'm pretty sure I have that ladder sitting on my bookshelf at home and will look when I get home tonight.
On Tue, 18 Jan 2005 11:56:12 CST, Justin Conover said:
What are the risk of opening a box on then net to use as a honeypot for testing/learning? As in, would it be easy for a "hacker/script kiddie" to take the box and use it to hack the NSA and blame me ;-)
I was thinking of using honeyd:
You really want to be asking that over on honeypots@securityfocus.com, as that's where *everybody* is to be found. Feel free to come back once you get to asking "How do I use selinux to secure a honeypot?" (answer - somebody needs to write .te and .fc files for honeyd).
Hmm.. actually, that *is* a very sensible thing to do. Any takers? ;)
selinux@lists.fedoraproject.org