LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-23-2010, 05:38 PM   #1
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 489

Rep: Reputation: 37
sample attack on honeypot system


Hi,
Just out of curiosity, I have implemented two machines one for honeypot(192.168.100.10) and another(192.168.100.20) to remotely log the honeypot log file using syslog. Inside honeypot I emulated another 3 machines with services on virtual IPs of that same block.
Now honeypot is working and I can see the logs generating as I did a portscan(nmap) on those virtual IPs from .20 machine.All of the machines are running ubuntu.

But does anyone know any s/w or tools which originally attackers use so that I can get a clear picture of what happens from the logs. Having problems creating these attack scenarios.

Thanks in advance.

Last edited by tanveer; 11-23-2010 at 06:00 PM.
 
Old 11-23-2010, 07:15 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,944
Blog Entries: 54

Rep: Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731
Quote:
Originally Posted by tanveer View Post
does anyone know any s/w or tools which originally attackers use
Searching the Internet for reports of security incidents, vulnerabilities, assigned CVE's or "cracker" fora shouldn't take longer than posting your question here.

Please note offering cracker tools is not the purpose of the Linux security forum.
 
Old 11-23-2010, 10:23 PM   #3
tanveer
Member
 
Registered: Feb 2004
Location: e@rth
Distribution: RHEL-3/4/5,Gloria,opensolaris
Posts: 489

Original Poster
Rep: Reputation: 37
thank you, actually the thing is after I get a response from here I feel more confident ..
.. and sorry ..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
System under attack via FTP, trying to understand the intended action mikeyt_333 Linux - Security 2 05-05-2006 09:44 AM
system() and execl anyone got any sample code please? twirl Programming 2 09-08-2005 02:01 AM
wrong sample rate for Gnome system sounds sharkzf6 Linux - Hardware 0 03-10-2005 10:10 AM
recent attack via phpBB, log files deleted? accessed file system outside /home/ enzo250gto Linux - Security 8 12-17-2004 01:51 PM


All times are GMT -5. The time now is 02:38 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration