See also:
- Back Officer Friendly - - Created to detect when anyone attempts a Back Orifice scan against your computer. Also detects attempted connections to other services, such as Telnet, FTP, SMTP, POP3 and IMAP2.
|
- The Bait and Switch Honeypot System - - A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data.
|
- B.A.S.T.E.D. - - A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.
|
- Bubblegum proxypot - - An open proxy honeypot (proxypot) that pretends to be an open proxy. Designed primarily to catch the mail spammer.
|
- Building a GenII Honeynet Gateway - - This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips.
|
- Deception ToolKit (DTK) - - A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.
|
- The Distributed Honeypot Project - - The goal of this project is to organize dispersed honeypots across the Internet and share findings with the security community.
|
- An Evening with Berferd - - A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.
|
- fakeAP - - Generates thousands of counterfeit 802.11b access points for use as part of a honeypot or to confuse Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
|
- GHH - The "Google Hack" Honeypot - - GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
|
- Honey Web - - An Active Server Pages (ASP) compliant web server honey pot, that detects common attacks against web servers and logs the requests in a real-time viewer . It can recognize Buffer Overflows , Denial of Service attacks, Directory Transversal attacks, SQL Injection attacks , XSS attacks , Session hijacking attacks.
|
- Honeybee - - A tool for semi-automatically creating emulators of network server applications.
|
- Honeycomb - - A system for automated generation of signatures for network intrusion detection systems (NIDSs).
|
- Honeyd - - Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.
|
- Honeyd - WikiSecure - - Wikisecure's honeyd page that describes the basic functionality and operation with self-explanatory examples.
|
- HoneyNet Project - - A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.
|
- Honeynet Security Console (HSC) - - HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs.
|
- Honeynet.BR - - Brazilian Honeypots Alliance. Includes tools to summaries honeyd logs, mydoom.pl (A perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot.
|
- Honeynet.org: Tracking Botnets - - Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.
|
- Honeypots - - Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.
|
- Honeypots: Monitoring and Forensics Project - - Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensics.
|
- Impost - - Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments (pre-release version available).
|
- LaBrea Tarpit - - A program that creates a tarpit or, as some have called it, a "sticky honeypot".
|
- MastaHackaWannabeAnalajza - - Provides visualization of hack attempts against a honeypot server. Reports include attack intensity over time and attack types. Based on IDS data produced by snort.
|
- mwcollect - - A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwcollect cannot actually be infected with the malware.
|
- Nepenthes honeypot - - A low interaction honeypot designed to emulate vulnerabilties worms use to spread, and to capture these worms.
|
- Netbait - - Netbait Commercial Honeypot.
|
- RedHat Linux 6.2 Honeypot Analysis - - Incident analysis for a compromised default honeypot installation of RedHat Linux 6.2. Includes design, configuration and log details for the compromised machine.
|
- SCADA HoneyNet Project - - SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).
|
- SécurIT - - LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper.
|
- Spampoison - - Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.
|
- Spanish Honeynet Project - - Independent non-profit research organization of security professionals dedicated to information security focused on honeynet technologies.
|
- spank - - A collection of programs to deploy, run and analyse network and host simulations in IP networks.
|
- The Team Cymru Darknet Project - - A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event network forensics.
|
- thp - Tiny Honeypot - - A simple honey pot program based on iptables redirects and an xinetd listener.
|
- WebMaven (Buggy Bank) - - WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application security scanners and as a Honeypot.
|
- SecurityFocus: Dynamic Honeypots - - Honeypots that dynamically learn your network then deploy virtual honeypots that adapt to your network. (September 15, 2003)
|
- SecurityFocus: Honeypot Farms - - This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms. (August 3, 2003)
|
- Honeypots - - An introduction to honeypots, the different types, and their value. (May 29, 2003)
|
- Honeypotting with VMware - - An article about how to use VMware to produce honeypots to catch system intruders. (February 5, 2002)
|
|