ENISA promotes digital hacker traps

Discussion in 'malware problems & news' started by ronjor, Nov 29, 2012.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined: Jul 21, 2003
    Posts: 57,797
    Location: Texas
    http://www.h-online.com/security/news/item/ENISA-promotes-digital-hacker-traps-1759415.html
     
  2. kareldjag

    kareldjag Registered Member

    Joined: Nov 13, 2004
    Posts: 622
    Location: PARIS AND ITS SUBURBS
    Hi
    "Bien, bien" "Si Senior"... excellent study.
    As a honeypot for Windows, KFSensor is interesting (easy to use, manage and deploy, nice interface, etc.) but the cost (more than 500 dollars) is a real limit if we consider open source alternatives.
    The same for Specter (not tested by ENISA) http://www.specter.com/default50.htm
    For those who want to experiment with a small Windows honeypot, there is the outdated PatriotBox http://www.alkasis.com/
    On the other hand, it is possible to build a kind of honeypot with an unpatched and non hardened Windows version with monitoring sensors.

    I am testing HoneyDrive http://sourceforge.net/projects/honeydrive/
    As it is too recent, it has not been included in the ENISA overview and tests, but it integrates two small honeypots that have been tested in the study (Kippo SSH and Dionaea).
    I do not like VMs in general for any testing purpose, but we need to consider that anti-VM tricks in the *NIX malware world are very rare.
    Interesting solution to catch malware, but in case of attacks (DDoS, brute force, etc.), the evidence cannot be considered as legal in a French court.

    Rgds
     