Difference between revisions of "OpenChaos/Honeynets"

From C4 Wiki
(Docs for the OpenChaos)
 
(added category)
Line 31: Line 31:
 
* Detect, circumvent and disable Sebek
 
* Detect, circumvent and disable Sebek
 
* [http://www-i4.informatik.rwth-aachen.de/lufg/publications/files/2004-NoSEBrEaK.pdf NoSEBrEaK - Attacking Honeynets]
 
* [http://www-i4.informatik.rwth-aachen.de/lufg/publications/files/2004-NoSEBrEaK.pdf NoSEBrEaK - Attacking Honeynets]
 +
 +
 +
[[Category:OpenChaos]]

Revision as of 01:06, 13 November 2004

Slides from the OpenChaos are available at File:Openchaos-honey.pdf

Honeynets

Sebek

Honeywall

  • Data capture (tcpdump)
  • Data control (blocking outgoing malicious traffic, preventing DoS)

honeyd

  • "Low-interaction honeypot"
  • Virtual TCP/IP-stack
  • Collecting attack patterns

NoSEBrEaK