Friday, August 1, 2008

T Minus 15 hours and 40 minutes ... or something

Getting ready to launch the first honeypot which, as previously mentioned, will be a VM image of Windows 2000 Professional.

I will use Sebek to log keystrokes on the w2k box, Wireshark for traffic analysis and some freeware firewall to block incoming and outgoing traffic on certain ports to avoid worm traffic etc.

In addition, I will also limit the amount of allowed outgoing traffic to ensure that the box can't be used to compromise other systems.

I will post the full details about the honeypot as soon as it is launched. Right now I gotta get some sleep before I continue my work.
