Honeypots and Honeynets - Page 1

Media publications

• Know your Enemy: Phishing - This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project. (Published 2005.05.16)
• SecurityFocus: Problems and Challenges with Honeypots - Article discussing issues with Honeypot technology, focusing on dealing with the possibility of your Honeypot being detected (and potentially abused) by an attacker. (Published 2004.01.14)
• SecurityFocus: Defeating Honeypots - Network issues, Part 1 - Article discussing methods hackers use to detect honeypots. (Published 2004.09.28)
• SecurityFocus: Fighting Internet Worms With Honeypots - This paper evaluates the usefulness of using honeypots to fight Internet worms and perform counterattacks. (Published 2003.10.23)
• Securityfocus: Fighting Spammers With Honeypots - This paper evaluates the usefulness of using honeypots to fight spammers. (Published 2003.11.26)
• SecurityFocus: Microsoft looks to "monkeys" to find Web threats - Article discussing how Microsoft have developed a series of Windows XP clients, dubbed "honeymonkeys", that crawl the Web finding sites that use unreported vulnerabilities to compromise unsuspecting users. (Published 2005.05.17)
• SecurityFocus: Wireless Honeypots - Article discussing the use of honeypot technology to combat attacks on wireless networks. (Published 2004.02.13)

	fakeAP URL: http://www.blackalchemy.to/project/fakeap/ ODP description: Generates thousands of counterfeit 802.11b access points for use as part of a honeypot or to confuse Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Page title: Projects - fakeAP
	Project Honey Pot: Distributed Spam Harvester Tracking Network URL: http://www.projecthoneypot.org/ ODP description: A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites. Page title: Distributed Spam Harvester Tracking Network | Project Honey Pot
	GHH - The "Google Hack" Honeypot URL: http://ghh.sourceforge.net/ ODP description: GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
	Nepenthes URL: http://nepenthes.mwcollect.org/ ODP description: A low interaction honeypot designed to emulate vulnerabilties worms use to spread, and to capture these worms. Page title: home [Nepenthes - finest collection -]
	HoneyNet Project URL: http://project.honeynet.org/ ODP description: A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.
	Honeyd URL: http://www.citi.umich.edu/u/provos/honeyd/ ODP description: Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet or for network monitoring. For *BSD, GNU/Linux, and Solaris.
	Honeypots URL: http://www.honeypots.net/ ODP description: Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.
	The Strider HoneyMonkey Project URL: http://research.microsoft.com/HoneyMonkey/ ODP description: Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots. Page description: The Strider HoneyMonkey Project
	Honeywall CDROM URL: http://www.honeynet.org/tools/cdrom/ ODP description: A honeynet gateway on a bootable CDROM.
	Installing a Virtual Honeywall using VMware URL: http://www.honeynet.org.es/papers/vhwall/ ODP description: This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments.
	Honeynet.BR URL: http://www.honeynet.org.br/ ODP description: Brazilian Honeypots Alliance. Includes tools to summaries honeyd logs, mydoom.pl (A perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot. Page description: Brazilian Honeypots Alliance
	LaBrea Tarpit URL: http://labrea.sourceforge.net/ ODP description: A program that creates a tarpit or, as some have called it, a "sticky honeypot". Page title: LaBrea - Homepage
	Basted URL: http://basted.sourceforge.net/ ODP description: A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites. Page title: B.A.S.T.E.D.
	The Bait and Switch Honeypot System URL: http://baitnswitch.sourceforge.net/ ODP description: A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data. Page title: The Bait and Switch Honeypot
	KeyFocus - KF Sensor - Honey pot IDS URL: http://www.keyfocus.net/kfsensor/ ODP description: KFSensor is a host based Intrusion Detection System (IDS). It acts as a honey pot to attract and detect hackers by simulating vulnerable system services and trojans. Page title: KeyFocus - KFSensor - Windows Honeypot IDS Page description: KFSensor is a commercial host based Intrusion Detection System (IDS), it acts as a honeypot to attract and detect hackers by simulating vulnerable system services and trojans.
	thp - Tiny Honeypot URL: http://www.alpinista.org/thp/ ODP description: A simple honey pot program based on iptables redirects and an xinetd listener.
	SCADA HoneyNet Project URL: http://scadahoneynet.sourceforge.net/ ODP description: SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures). Page title: SCADA HoneyNet Project: Building Honeypots for Industrial Networks
	Back Officer Friendly URL: http://www.nfr.com/resource/backOfficer.php ODP description: Created to detect Back Orifice scan attempts. Also detects attempted connections to other services, such as Telnet, FTP, SMTP, POP3 and IMAP2. Page title: Check Point Software: Welcome NFR Security Customers
	Honeypotting: The Complete Documentation URL: http://l0t3k.org/security/docs/honeypotting/en/ ODP description: Index of over 75 papers on Honeypots.
	Honeybee URL: http://www.thomas-apel.de/honeybee/ ODP description: A tool for semi-automatically creating emulators of network server applications. Page title: Thomas Apel - Honeybee
	Honeypots: Monitoring and Forensics Project URL: http://honeypots.sourceforge.net/ ODP description: Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensics. Page title: --[Honeypots]-- Monitoring and Forensics
	An Evening with Berferd URL: http://all.net/books/berferd/berferd.html ODP description: A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.
	MITRE Honeyclient Project URL: http://www.honeyclient.org ODP description: The first open source client honeypot. Page title: MITRE Honeyclient Project - Trac
	Impost URL: http://impost.sourceforge.net/ ODP description: Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments (pre-release version available). Page title: Impost Official Web-site
	Honeycomb URL: http://www.icir.org/christian/honeycomb/ ODP description: A system for automated generation of signatures for network intrusion detection systems (NIDSs). Page title: Honeycomb — Automated signature creation using honeypots
	Spampoison URL: http://www.spampoison.com/ ODP description: Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots. Page title: Anti-Spam - Fight Back Against Spammers | bulk unsolicited unwanted junk email Page description: Anti-Spam - Fight Back Against Spammers. Virtually infinite numbers of bogus email addresses to poison the e-mail databases of spammers. Keywords: Anti-Spam, unsolicited unwanted commercial e-mail, junk email, anti-junk, bulk advertising e-mail
	Honeypots: Tracking Hackers URL: http://www.tracking-hackers.com/ ODP description: White papers, mailing list and other resources related to honeypots. Page title: honeyblog
	SécurIT URL: http://securit.iquebec.com/ ODP description: LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper) Page title: Le meilleur du net
	SourceForge.net: Project - HoneyView URL: http://sourceforge.net/projects/honeyview ODP description: A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data. Page title: SourceForge.net: HoneyView Page description: The world's largest development and download repository of Open Source code and applications
	Deploying and Using Sinkholes URL: http://www.arbornetworks.com/dmdocuments/Sinkhole_Tutorial_June03.pdf ODP description: Configuring and deploying Sink Hole Routers, which are the network equivalent of a honey pot.
	Client honeypot / honeyclient URL: http://en.wikipedia.org/wiki/Client_honeypot_/_honeyclient ODP description: Wikipedia article on client honeypots. Page title: Client honeypot / honeyclient - Wikipedia, the free encyclopedia
	Honeynet Security Console (HSC) URL: http://www.activeworx.org/ ODP description: HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs. Page title: Activeworx.org - Security Tools - Snort IDS Software
	Capture URL: https://projects.honeynet.org/capture-hpc ODP description: A high interaction client honeypot. A client honeypot is a security technology that allows one to find malicious servers on a network.