OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: shawn . moyer (shawnnet-connect.net)
Date: Mon Mar 19 2001 - 12:33:18 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    James Hoagland wrote:
     
    > If you like that idea, you might want to check out the Deception
    > Toolkit, originally developed a few years ago:
    >
    > http://www.all.net/dtk/
    >
    > Haven't played with it myself, but I heard Fred Cohen talk about it
    > last week at UC Davis.

    DTK is still cool, but it hasn't been very actively maintained for
    awhile. I do some similar stuff with netcat and fake banners (i.e. nc -l
    < banner.txt) to create dummy services and other fun stuff. So far,
    though, redirecting stuff to chargen has been the most fun, just to
    watch someone hit that port and be completely baffled.

    Marcus Ranum also had a cool idea about building scripts that redirect
    attacks back to the attacker's own box, so that they actually root
    themselves. :)

    --shawn 

    -- 

    s h a w n   m o y e r
shawnnet-connect.net

    The universe did not invent justice; man did.
Unfortunately, man must reside in the universe.

                                            -- Zelazny

    _______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users