gloomer

Starting a honeypot

3 posts in this topic

I'm hoping for it to be Linux/BSD, but if there's a better solution that works with Windows, heck I can install that too.

I've never tried running a honeypot before so I can't wait to get started. The main purpose of this honeypot will be for botnet analysis, so anything I choose has to be oriented that way. Possibly malware collection as well. I was looking at Nepenthes, but a lot of malware is starting to pick up on 'anti-sandboxing' techniques.

So.. any thoughts? There's a lot of honeypots out there.. low interaction and high interaction. Whatever I choose, I want to gear it towards efficient botnet analysis.

Thanks fellas


You can try honeyd or honeynet on Linux and Specter on Windows!

cheers


Run some vulnerable software on a user-mode Linux instance. Set up some pretty outbound firewalling rules so someone can't do anything major to it. Monitor it with Tripwire or something so when it's compromised, you can pull it and see what happened.

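The integrity-monitoring step suggested in the last reply ("Tripwire or something"), as an added example that is not part of the thread: a minimal baseline-and-compare script in Python. The function names, the JSON baseline file and the command-line form are assumptions of this example; it assumes the baseline is stored off the honeypot and the comparison is run from the host against the guest's filesystem.

```python
import hashlib
import json
import os
import stat
import sys


def snapshot(root):
    """Return {relative_path: [kind, digest_or_target, mode]} for everything under root."""
    snap = {}
    for dirpath, dirnames, filenames in os.walk(root):  # symlinked dirs are not followed
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                         # never follow symlinks
            rel = os.path.relpath(path, root)
            mode = stat.S_IMODE(st.st_mode)
            if stat.S_ISLNK(st.st_mode):
                snap[rel] = ["link", os.readlink(path), mode]
            elif stat.S_ISREG(st.st_mode):
                h = hashlib.sha256()
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        h.update(chunk)
                snap[rel] = ["file", h.hexdigest(), mode]
            elif stat.S_ISDIR(st.st_mode):
                snap[rel] = ["dir", "", mode]
            # devices, FIFOs and sockets are skipped in this example
    return snap


def diff(baseline, current):
    """Compare two snapshots: paths added, removed, or changed in content/target/mode."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in set(baseline) & set(current)
                     if baseline[p] != current[p])
    return {"added": added, "removed": removed, "changed": changed}


# Usage (hypothetical): python fim.py /safe/place/baseline.json /path/to/guest/root
# First run writes the baseline; later runs print what differs from it.
if __name__ == "__main__" and len(sys.argv) == 3:
    baseline_file, root = sys.argv[1], sys.argv[2]
    current = snapshot(root)
    if not os.path.exists(baseline_file):
        with open(baseline_file, "w") as fh:
            json.dump(current, fh)
    else:
        with open(baseline_file) as fh:
            print(json.dumps(diff(json.load(fh), current), indent=2))
```

A baseline kept on the honeypot itself can be rewritten by whoever compromises it, which is why this example assumes it lives on the host.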
