Related categories: |
| » Top/Computers/Security/Internet/Research |
| » Top/Computers/Security/Intrusion Detection Systems |
| |
|
| Web Sites |
An Evening with Berferd
A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.
http://all.net/books/berferd/berferd.html
|
Anton Chuvakin Honeynet Reseach and Live Stats
Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources.
http://www.chuvakin.com/honeynet/
|
B.A.S.T.E.D.
A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.
http://basted.sourceforge.net/
|
Bubblegum proxypot
An open proxy honeypot (proxypot) that pretends to be an open proxy. Designed primarily to catch the mail spammer.
http://world.std.com/~pacman/proxypot.html
|
Building a GenII Honeynet Gateway
This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips.
http://www.honeynet.org.es/papers/honeywall/
|
Deception ToolKit (DTK)
A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.
http://all.net/dtk/index.html
|
fakeAP
Generates thousands of counterfeit 802.11b access points for use as part of a honeypot or to confuse Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
http://www.blackalchemy.to/project/fakeap/
|
GHH - The "Google Hack" Honeypot
GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
http://ghh.sourceforge.net/
|
Honey Web
An Active Server Pages (ASP) compliant web server honey pot, that detects common attacks against web servers and logs the requests in a real-time viewer . It can recognize Buffer Overflows , Denial of Service attacks, Directory Transversal attacks, SQL Injection attacks , XSS attacks , Session hijacking attacks.
http://honeyweb.sourceforge.net/
|
Honeybee
A tool for semi-automatically creating emulators of network server applications.
http://www.thomas-apel.de/honeybee/
|
Honeyd
Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.
http://www.citi.umich.edu/u/provos/honeyd/
|
Honeyd - WikiSecure
Wikisecure's honeyd page that describes the basic functionality and operation with self-explanatory examples.
http://www.wikisecure.com/index.php/Honeyd
|
Honeyd Control Center
Honeyd configuration wizard, a SQL Interface, and reports.
http://zope.org/Members/Ioan/HoneydCenter
|
HoneyNet Project
A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.
http://project.honeynet.org/
|
Honeynet Security Console (HSC)
HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs.
http://www.activeworx.org/
|
Honeynet.BR
Brazilian Honeypots Alliance. Includes tools to summaries honeyd logs, mydoom.pl (A perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot.
http://www.honeynet.org.br/
|
Honeynet.org: Tracking Botnets
Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.
http://www.honeynet.org/papers/bots/
|
Honeypot + Honeypot = Honeynet
Article discussing the creation of the Honeynet Project.
http://www.eweek.com/article2/0,4149,1244323,00.asp
|
Honeypots
Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.
http://www.honeypots.net/
|
Honeypots: Monitoring and Forensics Project
Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensics.
http://honeypots.sourceforge.net/
|
Honeypots: Tracking Hackers
White papers, mailing list and other resources related to honeypots.
http://www.tracking-hackers.com/
|
Honeypotting with VMware
An article about how to use VMware to produce honeypots to catch system intruders.
http://www.seifried.org/security/ids/20020107-honeypot-vmware-basics.html
|
Honeypotting: The Complete Documentation
Index of over 75 papers on Honeypots.
http://l0t3k.org/security/docs/honeypotting/en/
|
Honeywall CDROM
A honeynet gateway on a bootable CDROM.
http://www.honeynet.org/tools/cdrom/
|
Impost
Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments (pre-release version available).
http://impost.sourceforge.net/
|
Installing a Virtual Honeywall using VMware
This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments.
http://www.honeynet.org.es/papers/vhwall/
|
KeyFocus - KF Sensor - Honey pot IDS
A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans.
http://www.keyfocus.net/kfsensor/
|
Know Your Enemy: GenII Honeynets
An Introduction to second generation honeynets (honeywalls).
http://www.honeynet.org/papers/gen2/
|
Know your Enemy: Phishing
Tracking Botnets with help of Honeynets.
http://www.honeynet.org/papers/phishing/
|
LaBrea Tarpit
A program that creates a tarpit or, as some have called it, a "sticky honeypot".
http://labrea.sourceforge.net/
|
mwcollect
A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwcollect cannot actually be infected with the malware.
http://www.mwcollect.org
|
Project Honey Pot: Distributed Spam Harvester Tracking Network
A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites.
http://www.projecthoneypot.org/
|
RedHat Linux 6.2 Honeypot Analysis
Incident analysis for a compromised default honeypot installation of RedHat Linux 6.2. Includes design, configuration and log details for the compromised machine.
http://www.holcroft.org/honeypot/
|
SécurIT
LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper)
http://securit.iquebec.com/
|
SCADA HoneyNet Project
SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).
http://scadahoneynet.sourceforge.net/
|
SecurityDocs - Honeypots
Directory of articles, white papers, and documents on honeypots and other security topics.
http://www.securitydocs.com/Intrusion_Detection/Honeypots
|
SecurityFocus: Problems and Challenges with Honeypots
Article discussing issues with Honeypot technology, focusing on dealing with the possibility of your Honeypot being detected (and potentially abused) by an attacker.
http://www.securityfocus.com/infocus/1757
|
SecurityFocus: Defeating Honeypots - Network issues, Part 1
Article discussing methods hackers use to detect honeypots.
http://www.securityfocus.com/infocus/1803
|
SecurityFocus: Defeating Honeypots: System Issues, Part 1
This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer.
http://www.securityfocus.com/infocus/1826
|
SecurityFocus: Fighting Internet Worms With Honeypots
This paper evaluates the usefulness of using honeypots to fight Internet worms and perform counterattacks.
http://www.securityfocus.com/infocus/1740
|
Securityfocus: Fighting Spammers With Honeypots
This paper evaluates the usefulness of using honeypots to fight spammers.
http://www.securityfocus.com/infocus/1747
|
SecurityFocus: Honeypot Farms
This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms.
http://www.securityfocus.com/infocus/1720
|
SecurityFocus: Honeytokens -The Other Honeypot
This paper discusses honeytokens, honeypots that are not computers, but rather digital entities that are stored in a restricted part of the network.
http://www.securityfocus.com/infocus/1713
|
SecurityFocus: Wireless Honeypots
Article discussing the use of honeypot technology to combat attacks on wireless networks.
http://www.securityfocus.com/infocus/1761
|
SourceForge.net: Project - HoneyView
A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data.
http://sourceforge.net/projects/honeyview
|
Spampoison
Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.
http://www.spampoison.com/
|
spank
A collection of programs to deploy, run and analyse network and host simulations in IP networks.
http://spank.sourceforge.net/
|
Talisker Security Wizardry: Honeypots
Describes different commercial and freeware honeypots.
http://www.securitywizardry.com/honeypots.htm
|
The Distributed Honeypot Project
The goal of this project is to organize dispersed honeypots across the Internet and share findings with the security community.
http://www.lucidic.net/
|
The Strider HoneyMonkey Project
Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots.
http://research.microsoft.com/HoneyMonkey/
|
The Team Cymru Darknet Project
A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event network forensics.
http://www.cymru.com/Darknet/
|
thp - Tiny Honeypot
A simple honey pot program based on iptables redirects and an xinetd listener.
http://www.alpinista.org/thp/
|
