OpenChaos/Honeynets

From C4 Wiki

Revision as of 01:06, 13 November 2004 by 212.202.55.244 (talk) (added category)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Folien des OpenChaos unter File:Openchaos-honey.pdf

Contents

1 Honeynets
2 Sebek
3 Honeywall
4 honeyd
5 NoSEBrEaK

Honeynets

"Track the tool, tactics and motives of the blackhat community"
Erforschen von Attack Patterns und Angreifer-Verhalten
Clifford Stoll: The Cuckoo's Egg
Bill Cheswick, "An Evening with Berferd In which a Cracker is Lured, Endured, and Studied"
The Honeynet Project
The German Honeynet Project
Ermittlung von Verwundbarkeiten mit elektronischen Ködern

Sebek

Know Your Enemy: Sebek
Hijack sys_read(), sende alles direkt an Treiber, verstecken des Moduls

Honeywall

Data capture (tcpdump)
Data control (blockieren von outgoing malicious traffic, verhindern von DoS)

honeyd

"Low-interaction honeypot"
Virtual TCP/IP-stack
Sammeln von Attack-Patterns

NoSEBrEaK

Detect, circumvent and disable Sebek
NoSEBrEaK - Attacking Honeynets

Retrieved from "https://wiki.koeln.ccc.de/index.php?title=OpenChaos/Honeynets&oldid=8120"

OpenChaos