Crackers Trap tool/project
Hello List! I have the book "Linux Security" by Bob Toxen and he has a tool in his book called "Crackers Trap" which looks for "funny" connections and then bans the source ip. Is there a open project which is similar? Cheers, Mario -- +++ GMX - die erste Adresse für Mail, Message, More +++ Neu: Preissenkung für MMS und FreeMMS! http://www.gmx.net
On Wed, 3 Dec 2003 15:51:02 +0100 (MET), Mario Ohnewald wrote
Hello List! I have the book "Linux Security" by Bob Toxen and he has a tool in his book called "Crackers Trap" which looks for "funny" connections and then bans the source ip.
Is there a open project which is similar?
There are multiple projects all called "honeypots", listed here: http://www.tracking-hackers.com/papers/honeypots.html However these projects take the above idea much further. Instead of blocking the attacks, they let the attacker in into a secured environment where the attack can be logged and later analyzed without putting security at stake. Best regards, Matthias
On Wednesday 03 December 2003 10:02 am, Matthias Riese wrote: <snip>
There are multiple projects all called "honeypots", listed here:
http://www.tracking-hackers.com/papers/honeypots.html
However these projects take the above idea much further. Instead of blocking the attacks, they let the attacker in into a secured environment where the attack can be logged and later analyzed without putting security at stake. <snip>
One word about "Honeypots", before you put one into use , make certain your country doesn't have laws against this sort of thing. Here It's called something like affecting some other person's computer w/o their permission. Apparently it's okay if you just log and let go. But many honeypots are in the nature of a "tarpit" ( named for the La Brea Tarpits in So. Calif. ) For instance actually try to hold the attacker until their computer crashes! It's a really gray area in the law right now. So if you don't want to be the first to test these laws ... make sure your country doesn't mind your capturing a hacker that is , actually invading your home or business.. I suspect it would be overturned eventually, but it's tricky till then...
participants (3)
-
jfweber@bellsouth.net
-
Mario Ohnewald
-
Matthias Riese