ENISA promotes digital hacker traps

Discussion in 'malware problems & news' started by ronjor, Nov 29, 2012.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,883
    Location:
    Texas
    http://www.h-online.com/security/news/item/ENISA-promotes-digital-hacker-traps-1759415.html
     
  2. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi
    "Bien, bien" "Si Senior"... excellent study.
    As a honeypot for Windows, KFSensor is interesting (easy to use, manage and deploy, nice interface etc.) but the cost (more than 500 dollars) is a real limit if we consider open source alternatives.
    The same for Specter (not tested by ENISA) http://www.specter.com/default50.htm
    For those who want to experiment with a small Windows honeypot, there is the outdated PatriotBox http://www.alkasis.com/
    On the other hand, it is possible to build a kind of honeypot with an unpatched and non-hardened Windows version with monitoring sensors.

    I am testing HoneyDrive http://sourceforge.net/projects/honeydrive/
    As it is too recent, it has not been included in the ENISA overview and tests, but it integrates two small honeypots that have been tested in the study (Kippo SSH and Dionaea).
    I do not like VMs in general for any testing purpose, but we need to consider that anti-VM tricks in the *NIX malware world are very rare.
    Interesting solution to catch malware, but in case of attacks (DDoS, brute force etc.), the evidence cannot be considered as legal in a French court.

    Rgds
     