If it has a plug, it's IT stuff

Jun 15 2008   4:35AM GMT

[TLBAT] Honey, honey…HoneyPot!

alessandro.panzetta Alessandro Panzetta Profile: alessandro.panzetta

In a previous post I suggested you to build a proxy and content filtering solution based on a VMWare virtual machine, in this post I’ll redo the same thing: propose another VMWare appliance that you can mount on your VMWare server, configure and have a ready-to-go tool for your IT environment.

The tool we are going to describe today is a low interaction HoneyPot that will be a central point for your network and avoid spreading of malware and provide you useful information about attacks. This virtual machine, once configured, will act as a computer without patches, antivirus software and that holds sensitive information; this way of acting will attract attackers and malware, it will download a the binary files and study their behavior and provide useful information about the type of the attack, the entry point and so on.

First start downloading the appliance from this site and then read some interesting documentation on the Security Focus website; in this post I won’t provide all needed information about how to configure the virtual machine because this depends on how you want to configure the HoneyPot, in this blog post you can read how to mount the appliance you just downloaded and have it running in minutes.

Whe you have finished the mount of the virtual machine you can access it by using the following credentials:

Username = root Password = pass2cng


Nepenthes homepage

HoneyBow sensor

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: