LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   sample attack on honeypot system (https://www.linuxquestions.org/questions/linux-security-4/sample-attack-on-honeypot-system-846126/)

tanveer 11-23-2010 05:38 PM
sample attack on honeypot system
 
Hi,
Just out of curiosity, I have implemented two machines one for honeypot(192.168.100.10) and another(192.168.100.20) to remotely log the honeypot log file using syslog. Inside honeypot I emulated another 3 machines with services on virtual IPs of that same block.
Now honeypot is working and I can see the logs generating as I did a portscan(nmap) on those virtual IPs from .20 machine.All of the machines are running ubuntu.

But does anyone know any s/w or tools which originally attackers use so that I can get a clear picture of what happens from the logs. Having problems creating these attack scenarios.

Thanks in advance.

unSpawn 11-23-2010 07:15 PM
Quote:
Originally Posted by tanveer (Post 4168710)
does anyone know any s/w or tools which originally attackers use
Searching the Internet for reports of security incidents, vulnerabilities, assigned CVE's or "cracker" fora shouldn't take longer than posting your question here.

Please note offering cracker tools is not the purpose of the Linux security forum.

tanveer 11-23-2010 10:23 PM
thank you, actually the thing is after I get a response from here I feel more confident ..
.. and sorry ..


All times are GMT -5. The time now is 01:58 AM.