sample attack on honeypot system
Hi,
Just out of curiosity, I have implemented two machines one for honeypot(192.168.100.10) and another(192.168.100.20) to remotely log the honeypot log file using syslog. Inside honeypot I emulated another 3 machines with services on virtual IPs of that same block. Now honeypot is working and I can see the logs generating as I did a portscan(nmap) on those virtual IPs from .20 machine.All of the machines are running ubuntu. But does anyone know any s/w or tools which originally attackers use so that I can get a clear picture of what happens from the logs. Having problems creating these attack scenarios. Thanks in advance. |
Quote:
Please note offering cracker tools is not the purpose of the Linux security forum. |
thank you, actually the thing is after I get a response from here I feel more confident ..
.. and sorry .. |
All times are GMT -5. The time now is 01:58 AM. |