Honeypot
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Honeypot as PDF for free.
More details
- Words: 6,073
- Pages: 38
! "
%$#
! "# # $ %& &' ( )*+ & , -./ -0 &1 2$3 " 1 1 -#4 5&1 $ % 6 #( ' /& ) "$ 9 7 . /. "&+8 7 5 1 &+8 7 $ ./ # #( ' / &1 . '+ & ): < ) ; = " )7 >; "
2 -? 1 &+8 7 *+ $ #( ' / B./ @ !1 A 1 @1
" . /"7F &G -
( / !- '
" )E
/ C "D
$ Definitions and Value of Honeypots #' / "2 /!9; $ 7 G= ; "
42 &1 &H#" ' &1 " = 9 &-7 # -I &1 " " C # -I -& L 1 M 5= J K 7 & &+8 ' ( ) B ' P M 57 2# #C3 1$ # 9 =
& 8 &1 & 1 C4 1 #- " / 4 NO
" " /&1 ) -?(" 9 # N &1 C/7'0) 1 1 5!Q $" ".P R LP ' ' # ')= &9 = 1 -= ; T 91S = ; M O$ = ; $ U $ #$ 1 = 4" # #$#BBB " # B# #$V L1"I G -= .- &1 = ' 5" + <# 9 # "" 47 ' ) L1 )I G -&, ;I ' -&1 ./#@ /./# G & 1 " ; #7 1 1 5 &1 H1 " !; M O7 = , ' 1 # B7-J W " 9 ;)"./ # 5!Q 9 ##* P= 1 & Q7 '1 B#1 = ' R+ = G N1 LP.Y/ ;F #" & 1X M 5J K 2 &1 & 1 "&N O 7' 4 2#&1 " # - ;)M 5J K7 &(K" - + B./ [ 9 Z -?( 9 #F \51 9 &1 ./ # 5!Q ## 1 & 1 7 -" &' P ./##4 U # 5!Q &1 &- - 9P B -] P&' P
$ #( ' / 1 &- 1 5!Q ' /I @O"&1 M 5J K 6= '+NP" 5!Q = "%@; "^F- # N/#4@1 J KI #/ 1$&1 B - &9 =" 1 O 6"$_ . ' "&9 &1 M`' = a -= ;' / ' /I M 5 S%&9%= 1 ZS?- 5!Q = ##4=" 1 &- 1 &9 =" 1 ;5$ " 1 [ $ 1 S%" 9 O % # I # " -M;5&,I 5&1 ) O B H1 O 9 \51 " # 9 I &1 ./ # 5!Q [ " 1 &,5J K *_5Z F 9 #' P2#&1
7 &1 =$ &H## 9 2; "
$ 9 &-#
-&-C" P& S 4 H1
& '. ' X "/
#&c I
, -&d!4" # -I " /2" Q&1 R 1 /% 9 7 = )# #N' M3#&1 B# "% 1 &1 = 91 4 7' 4 2#&1 9P&1 e =%&9 7``Y' " 7 $ . J K$ #( ' / %= 1 7 '1 " &Q 1 9 B 1 M5 &1 M %" ##f `' 4 -7 &1 #4 ' /I % &-./= ' a -@O" # " /C Z ; " /C I #-
C` 7( ,g4! h Q$ %&1 "# $ iY 2#&1 = 1 $ # = LP2 "[ - #('/ %@1 $ "
*`
U#
a - ' /=" 1 &Q 1
O %#" " U' . 1 " / &1 C ) ' 1 *K BBB "BBBB O %M O $
9 7' 4 B &(K" %C ' /"#ZB 1 9 [ Y
,O= = 91 4$ . / j!Q 1 " 9 &1 - 1 # =" ; -L) &9 9P1 "R 4 "7' F)&1 j" " Md" C [ " /C Z M 5J K B " /= &+G&+G # ' = 4 / ;5&1 L .- # ' 7``Y' I, P9 %g/ &- &' 0)$1 " /=" 1 < $ 1 2#&1 ' /# #$ T 9 " 9 7' 4 2#&1 1 "!5 9 = -= H 1 ./# L = H#.;8? 5!Q &1 ' / B 1 F ' / " #&1 9 & 4 W %" = a -&1 " - &, ; = " /&1 9 I ' O " // ;, "./ ' ^Nk = # ' / "&9 % - ?(
@, ' & $" "J 9 7 # "$ l &Q 1 C" = ="9_-= H "M 5J K I # "%# 1 1 B. #( ' / ' /&1 #" "= 1 ="&&1 9 I , d = '/ I = , &,/"7 1 " )% [m.P) 9 M9 7 &1 &-*+ &G H1 ./ 79; *4 )#/7 &1 & O H1 1 & ( /' .4 2#&1 = 9 B#$ ; 2#&1 -&1 l = &, ". L &9 &1 ?( , 5" 1 31 # /= # ; V L1 B 1% P \51 M 5J K = 0H " & ) # 47 I G - ' <#F &,$ 9 P
1
$ " ' j!Q 1 L M 5= PK# "$ % " 9( ' 7``Y' = P 1 " F-#4 -$ ./# 1 g/ &- ,5J K j &1 &'1B 0) 2- R 4$
M- 1 4"I
9
)# & N &9 e B# ## " 9 g/ ' / 1 R " # -& N = 1 e -# / H# /$ n' # 1 ' / P ' /&1 &- ' / 4 #" 9 o T % 4./ 1 = 0)&, ' /$ &- 5!Q " B#1 4 0) , -^ N @ q( N 1 1 q &G Honeypot &p P #C" 2O &1 &r&>%$ .Y/ q Honeypot ^ N B./ %$ q, pF : &r. 7 $ HoneypotB 1 / q U s ;' / "R %s #& rq; M s 1 M1 O L1 t %] 5 #B 1 q; #$ / C 4#i YF B ' #( ' / M1 Oq( , ' Ys , p &1 &r 1 q qP N #q !; ^Fr$ #2_ q s r % "< MN s ' 5 r 7 4%gk IPv6 s &p Honeypot &r ./ \51 0 J N 7; "^ N M1 O 6 L q' $ " / 1 U &1 s O L1 << PM1 O 6 rq #( ' / $^ N $ Honeypot Ps 1 7 &'+ #( ' / 1 &r 1 q q 5!Q ' /@ t Honeypot I j" F "$ _ 1 = '+NP$ 5!Q #4S?-l$ $ B - = "%@;
F &9 I
# M 5J KI
LH
$M9
^, ' Y s & ) q ; &r 1 q q, r ^ N t 7 &'+ s + & # # B./ &' P) U # Honeypot B# "% 4 %q' l$ " Honeypot s 1 q( , ' Y l$ T _)q # "%31 # &rq( N # %&; d &1 B /; # %1 &rs 1 f Y s 1 %76" # t %B rq r d 7; &1 Honeypot q ; q, r t s u d &1 B 1 q $ _ "1 '+NP$ qN % $ rCv &p $ qpP : Honeypot 1 s R r &r./ qN 1 7 B q O. +NP: 1 s '+NP "$ _ q1 s R r 8 Honeypot t t q Honeypot t 1 A qN B 1 q & F %2 ( &p%C B 1 q S &( ` t "&, ; Ts#$# q)#/ 7; "[./ Q 7; "Z / q U &1 #/ Honeypot $ LH .( H #( ' /# 7 \51 B2 # # 7 # r7 " `O&+8 7 #7 &r./ Honeypot q Honeypot T 4q &GHoneypot I $ &-7 &1 & 1 #2_ $s 2_ C # !; # #q F #- P • w9 $ " 7' # &H "# " )?( # - M N • $ C ;N Q &1 T&9 q / $ X )?(ZqNO" B -q j" &9 # ' / 7 0* /%"7 ^ Nk -q q1!O ' / 7 1 7' P _, -J d %&-q $ [B -#_ 7 w8 1 s 1 Q4q)#/%I q d !; x #!1 x ' 9 #P• &' P)
$ q 5!QZ &, ; c L # #q 5!Q # - P • [ 4q > ' q -&G )?(&-7 M O )?(q O# H "q1 #
9
#-
P •
Honeypot s q s #q+ "# #s #/ 1 2 ( Honeypot B 1q s ; O " Pl$ s #tG rs ## By B rq s "%@; ## qpG r _ t Honeypot # 5!Q . 1 H) 7 G $" t # &p s &1 #g8 PHoneypot g/ r 4? # " . os ,P 4 x $yzzzz + s &1 B r 4? 1 . 1 H 7 G 1 # B rq + 4 x $ y g8 P %$" t # " rq . o s '+NPg8 P Honeypot &r " $ _ "1 . +NPt q Honeypot 1 qQ G 5!Q &r 1 q M+ #7; &1 " B 1 & F 1 %&r $ 1 q s# $l$ s # Honeypot tG r gk Honeypot g/ " + ? 1 # P g/ t 5!Q M, W " & L_ &r 1 q N 1 7 B./ d &1 . o 5!Q $ [ '$ "Z '/%Honeypot B 1 q q, r qp' r " L1 B{ %.;/&1 &rsLG &r q Q 7 s 1 Honeypot &rs s p' r " L1 1 B r 4? # q S0 B F #!O ' 7 ' ;r B|
g8 P %&r $ #$ ' 7 ' ;r &1 Honeypot q; O2 ' t 1 7 1 1 B / q . o&1 s '+NP q q' &1 B n 1 &p t "RAM . 1 H y{} 1 " B# rs$/ # % IPv6 # rL B~ Honeypot [ IDS Z q' s D + p q4 1 J!4 1 &+ 7 B rq rIPv6 " L s W 1 S 4q,4 q ' P)Honeypot t #& HG # Pt &r. s '+NP"&' 4 % q #4 Honeypot $# B r. o %
$
! "#
!!
Honeypot % & q( Nk A8 s #L Honeypot T D + p q ; & 7LH Honeypot &r 1 q ., 5 17 B 1q r H#s D + p r #&p, 1 q; s H#sD + p B rq <# # ( Nk & 8 O&N 8 Y, 1 #. #"W •y &1 &r r. o"s H q q 'NPg8 P Honeypot B 1A # %1 8 ' d
./ 2_ C # H#s ;' /& , 5 1 &rq!; Honeypot "MNP % " )?( &p L &1 r. o q; B 1 &' #Honeypot 1 q+N( t •{ R %s #B 1 q t s # ' s D + p &; t s HL B # % # # r& 4 "?( t &, ; t ' ./ 7p; IDS T# # L 7'p L %B ' $ sL_ Honeypot B #i YF 7p; Honeypot &p f `4 &1 B 1 q t s # " p # Pt g/ ' / C 'r7' P)./#&1 t &r./ p 7 &'+B 1 &' # H#s ;' / &1 #$ & d &p &1 &'1 " rq € P Honeypot ^, ' Y j s 1 t $ "j rq #( ' / Honeypot $ q5 &G T %j t $ #( ' / ./ 7p;B 1 q "( 'L ; H#q5 $ #( ' / " 1 &' # IDS $ ' ;r qp i YF & # # B 1 &' #q # s# $ 1 t $ qW /&Gs # Honeypot $ q5 &G&r# r 4 B 1q t &r 1 q Honeypot # 1 r &1 " qH HG ' F1 & # #B rq i YF % " P"l$ B 4\W1 %s" = 1 = o l" " % M 5= J K&-= G$ 1 -J K 7 #1 % 1 # " -?( # - ;)
2_
d 4= F
%
-2 -
&- #
= J K7 j
d 4= j = # B # 1 RY1 7 #
Honeypot 7; " ' ( , ' Y = , 9 "$ # Honeypot ' 1 &9 = 1 B# M9F ;- % P&-./ \51 &5 ;_ $ "# # %^, ' Y j &; ;P % '1 # "% R -" -= Honeypot •y R -" = Honeypot •{ '1 % ' P H HG&- - I ;- &1 = 1 87 " % O"^Nk A8 ' &1 ' 1 "B -• # I &- Q j Md #R -"B - 7 " F B - i YF # #Honeypot 1 )?( R -" -= Honeypot •y #"W '+NP" A = #R -" -= Honeypot =$/ & M 5 = ' / " " / 1 3 ;N % B 1 & 1 $ W / 1 )?( I . +NP‚ / B I C 5 &1 B./ #"W =$/ & = - l ){y &1 &=$/ & FTP X " / $ =# N " login &W( d I g8 P ./ 79; &' /#7 P$ 9 B 1 # -=$/& FTP ' /# B 1 % )#/R -" -= Honeypot $
./ /%". 1 R -" -= Honeypot = H ;- 1 I "##l ') % . ,4 " =" 1 LP2 &G&- ' 7 ) # ' F1 %B # " /&G 4 7 >; "# *` , 5 ' /&G B -[ MonitorZ 1 #"=$/& %= 1 = 1 %&N/ &-./ % #/ " -#4 .P 7; &-./ -?&1 2$3 &'+B - . .- $ = 1 = . +NP&-# \51 =$/ & = " / 7; I R - \51 7; " # #"W )?( # P M 5 ' / &1 H> ; )?( &- N 7 &1 B## ) B / 1 * /% H#= ' /&1 %&,/"&1 " /' /# 7 R -" - = Honeypot 7 , d $ 9 %" -. o =#"W 5!Q g8 P %&-./ &' 4 !; &1 @ 5!Q g8 P&Q R -" -Honeypot I 7' 4 7 >; B / 1 . o&1 & &7 HB 1 . 1 )?(I = 1 = &P )?(&- $./ #1 S 4 $ &G ; =$/ NO" ' / I $ R -" -Honeypot I .5 / &1 R -" - = Honeypot $ B # i YF N1 W( d #ZB# 1 2 KFSensor "Spector , Honeyd [ %' F1 BBB /J - 1 R -" = Honeypot •{ = M $ 3 ;N %B ( ' R -" = Honeypot " , 5 ' / $ %&- $ #( ' / = > =$/ & =LG : B #( ' / NO" = " / B 0) )?( ' 4 # NO" ' /I ".
FTP " / X- +Honeypot I &4 ; ) X "/I ; &1 NO" X- +I 1 ; 1 &' # ; B./ LG "#Honeypot j 7 PB -*` FTP ## 1 B "%./#&1 5!Q $ =# $ _ I $" ' P ; ; )?(# P&1 NO" ' / I B H1 U $ IRC . F I &' P) = rootkit = H#&-./ 7 R -" = Honeypot P7 "# g W I "# 0) ; O1 )?( ' P =" = & k P: B# ) U $ " = '+NP ; " # " &1 $1 R -" = Honeypot &- # \51 7; &' U' &- # F &1 )?( # P$ ' P << L1 e &' ; " ./ $ Honeypot j 7 $ #( ' / = 1 7 '1 I =" ' F #I L ' /# # `O&7; C &1 B 1 ./#&1 IP # ' / 6 &9 $ # R LP Honeypot & H I &-./ 79; " # # ' 4 # NO" M 5 ' / I )?( &I , - Q &1 B L1 & d &9 , d = ' / &1 ./ I = - 1 "!5 R -" Honeypot B #2_ = ' F1 ,4= -R -" -Honeypot & HG R -" "R -" -Honeypot &9 '1 P= 1 1 B " 1 & $ 7 # NO"C "#./ '1 B - j" R -" -= Honeypot
," -
Honeypot '( ) * +
#O #X " / I &-q # q Honeypot I &8 1 $ '1 q4 1 ƒu ; q+ "# @O"T# H1 O./ B./ # q #( ' / # s X " / &1 & 1 Honeypot I s . +NP Y1 ) B# ) O #( ' /# . ' . ' - ^F- qd `4 w9 # qk s 5 w 91 4 . ' # B./ ( . ' # Honeypot ## O B# )q OR %„ #.F Honeypot s MW $ q9 # q Honeypot I . ' w9 # #) O $ R %„ #s ,•y DMZ 0! /. F
&' ( )s MW # Honeypot 7' P)
O€ PM9 B #q B $# q %&1 &-# #q N " L "#7 $ 2 I 7' # 4 TR %„ #s , #Honeypot 7' P) O1 "#" q 71 $ R %„ #.F # )?( „ / .W ' / q, 4#w9 & ' [Honeypot *` $ n' Z qPk 4: B# q; ) # R M &' / 4 I P s 8 Honeypot I Honeypot ## O1 &- -q S0 "#_ &, ; s H+
•q; . oR %„ #g/ qN O "7 G R %„ #$ " 1 # 1& #s#5.+ #&-Z q, 4#?(i YF ' /"# B -q; + F 2v [ -q + F q # 4 7 G &- ./ 7 R %„ # s , Honeypot 7' P) O* 5 „ # )ƒ d `Y T 4q; * Pq' &1 q, 4# )?( Honeypot q' P #I P &_' #"q " 4 I P R % B -#"W &1 S 4 M I DMZ I " #Honeypot 7' P) O #DMZ " #s ' / H#. &-qQ &1 / q U s X " / g8 P&- q %$ B# O1 Honeypot 1 1 &1 M -q/ ' /#T # R %„ #$ 5 „$ $ # U &-7 &1 & 1 "M+ #7 &1 B. 79; DMZ *, 6 T./ L % QY " $ s -R %„ #s" g 7 O # R %„ #s , Honeypot ## Oq' + 7G # B# )q O& $" 1 \51 q TR %„ # .F Honeypot ## O w9 ) ƒ d `Y T# q, 4#w9 #s q' 4 7; Honeypot 1 1 #qPk R %s #g/ q, 4# I .F Honeypot ) &- 1 &' #& B 1 F U s Q R %„ #7 O 1 T #q OR %„ # B 1 $_ . ' $ q/ ' /#&- q 4 )?( I &- % q # " &1 q' O " M9F 7 V L1 d 7 #B# )q ' 4 # q, 4#Honeypot C '&1 Honeypot h Q$ q, 4#w9 &1 q/ ' /# 9 )?( &1 s#" " I P 5 &1 TI P 7 $ B# "% q ./# s#" "I P &-q %$ "# q &' P) U #Honeypot IP 7 5s , R %„ #T./ $_ Honeypot &1
B./ s " k q, 4#Honeypot # -7; 7 1 1 B# )q; q / R %„ # .F Honeypot 7' P) Oq, d M+ # B./ q, 4# )?( ; &1 DMZ " #Honeypot I ## OM 7 '1 q, 4# )?(q / J &-7 &1 &'1 B./ R %„ #I Md". ' . ' &1 q R %„ #T./ q 4 B# * I Honeypot h Q $ 4q ; .88 # 7; #I M1 8 # - &, ; qk P7; #I &1 " 1 B - U qNO" d &1 g 0+B ' 1 qk P Trojan Horse•y Backdoor•{ Intrusion Detection System•| Social Engineering•~ Sniffer•… DeMilitarized Zone•†
53 !4 Honeypot 2 1 Honeyd Niels g/ &- ./ R -" - Honeypot I Honeyd 1 $1 d &1 Honeyd B./ &' 4/ Provos
9P ZB./ &' 4/ X9 = , 5 ' / &5 ;_ = 1 " $ e / 1 Honeyd B [ ./ # 1 $" "=" &-=LG B./ 1 #( ' / M1 O 6 = IP 7' P) U O1 A &9 1 #( ' / M1 O 6IP I 1 1 &' # `O A )?( 1 " # - @ O , d &9 1 RQ B $ 1 O= l#4" O1 UDP "TCP ; Honeyd ] PR d &1 B - .o %= ' / 4 # ; " &' P) U $ ; f 4 I 7' P) U $ = 1 7 >; & -= 1 9 U# =$/ & X " / -{y TCP M9" =" &-FTP " / I =$/ A =$/ & X " / I 1 )?( &- ' O "B =$/ & = " / 1 " = '+NP ; O1 FTP X " / #! B# ) U $" # -. o H# &-=L = &;, -"= 1 -2 =$/ & ' /# " #( ' / " / FTP 7'9 = 1 )?( &1 " &- 1 ' " "%./#&1 #d &< . G" . "## ) =LG&GC # Honeypot &-## ) 1 =$/ & $ W / &1 &; &1 =$/ & = " / ' F1 B./ &' 0) ' 4 # = ' P $ d 4 j U' %B d I = ' P 7 &1 # -7 N !O&hQ " ' B # F R -" ) " 1 F R -"h Q7 $ ##2_ 7 A &, ; ) < 1 F R -" 7 $ # - -7 B &, ; ' /# )?( ) &-./ 7 # & 1 7 . #"W 7 1 1 B 1 F =$/ & %= 1 Y/ : &- -# "
B - C/ )?( = 1 1 Y/ &G &- # ; % 2v I • Honeyd • R -" -= Honeypot ' F1 M-Honeyd & 1 -$ ; B # F 4 B - F ./ # -=$/& FTP = 1 &' /#
(3 ! 6Honeypot 2 ) Honeynet R -" = Honeypot = 1 1 C I Honeynet M I %B 1 ; C `W I Honeynet B 1
B 1 ; *` a -I =" ' 1 &-= LP 2 $ * 5 1 &9 I B 1 = ;N I Honeynet 2_ %=" &- !; = 1 Q &aI &- 1 &' #= ;N I 1 & U 7 hQ B# ) &9 1 Q ; -#_ &9 =" 31 C 'B.P) U $"# -C '- ' 1 1 &'+ ) U # +4 1 O7 G &9 7 " # 9 # PB NO"= & 1 &a?( % #" - &, ; %&1 " # ' /7 C '- #LG&; N < = 9 " 9' 1 hQ &- # ; # 2_ -7 % ' O "&'+B 1 # P= . +NP ; B ' P) Honeynet I # ,P" M; &' P)SSH L = . F $ )?( & ' %&9% "1 &; "&; # O ' / #&L $ ; # B# . o" &' P) U $ B C ')?( = ; Honeynet 2 &1 = $" # g/ -7 Honeynet IP ; &1 $" # 7 B # 2_ Honeywall . 1 O= ' / .;/ &1 &- # $ =#" " IDS &1 L _ = ' / $ 1 "4I P + " ' 1 &- # 9 7 )?( &1 - 7 B - 5 # 1 &' # 1 O= ' / 1 = J N M1 OA ' / 7 $ #( ' / 1 )?(&-# ; ## $ % B -# "& d , d = ' /&1
LP2 $ = "` $ # 1 KfSensor
.
! 5$ ;: ( <: = :! > ,
8 4( - 7( ( ,8
89" : 1
Honeypot ?; @ ./ 2$3 #Honeypot j "# 1 q ' 1 q %&rC f `4 &1 T r 1 q' s # # % H "l$ &r #( ' / Honeypot $ 1 & HG &r# r 4 1& # # B r s 1 &r #Honeypot &' /#"# # r !O&r ; $ q' O "B )q O &N+ # 88 W "J $ .UPW s 1 + 3 `W d &1 Honeypot q( , ' Y # # q r q #( ' / $/ &1 */ / "^FrT.UPW q &, ; $ r.UPW r&1 q 88 W . # %q' O "B# r 1 &, ; t q s "%@; s 1 2$3 5!Q Honeypot 1 q 5 B rq € P^, ' Y s $/ s 1 5!Q 7 &'+B r r T rq / #4q" 1 ; # Y1 s $ q L $/ 7 / F1 #4 p1 4 4" B r #( ' / Honeypot &' /#7 R r" rs Honeypot r 1 q, r d &1 Y1 ) &p d # " q r &1 s + 3 `W 5 &1 &1 &p s" q 88 Ws , ;5 s 1 R r" s Honeypot H#J # q %$ 2 r &'+B q &' P) r B " r&1 L t;r $ # &/ # q q + s Honeypot r [ PreventionZ s HF [ Detection Z^Fr q1 # [ Response Z /
•y •{ •|
!; $ q q( , ' Y s $ Honeypot rM # q 2_ qp d &1 &rq!; ' 1 B r &r rq r d 7 &1 !; 7 B Auto-rooter " &p $ q_ t L1 $ q N1 $ #( ' / 1 )?( &p 7 # # s " / s 0 * /% # rR 7 &1 T# s 0 * /% # r $ X L1 7 r #+ % q;' /q' O "&r //2 r Z B rq &, ; '/ TqP #` IP e #%t &,/"&1 "t d &1 # rq Honeypot &rq " B[# rq #+ %L s H# ' / ./ 7 rq #( ' / !; & )7 $ &p .UPW s 1 %q' " r r !; & H .5 / q &r s Honeypot Honeypot $ &' /# 7 &1 < r ^O' B )q [ StickyZ G #&r q e #%$ &' /# %T Honeypot M 7 # F R r" %&1 " )q U #T q; #( ' / &p R `O )?( S Y & 1 t &p H qN B #q q e #%$ &' /# %&1 Honypot T# # e #%$ q_ 1 C s 1 #q F R r" 1 q; # &p #&r q &' % !; & )7 " TCP s v $ #( ' / B r C#)t # )?( T ( d _ 2v ## 1 T& ; s 1Z s 1 7 [ rC/ H#s &'1 ' #q M &rq r 1 1 #.UPW " F' .5 / # r&' % B./ */ 1 #q O2_ # q, 4#&p B 1 q Honeypot $ &' /#7 "L LaBrea R r" rHoneypot t 5&1 *, 6 Gs Honeypot B q &' 4 ‡(
1 3 A!0!:s Honeypot % q ; &'+Z [ rq r&p # )?(t ?(.5 /g8 P %&r $ )?( f Y $ ; $/ q 7 >; Honeypot " \51 &r 1 q s &, g8 P r7 &'+B r.UPW r&G ./#"n) )?( qN B# q )?( S 5 1 R ) # &,/" &1 " .O "h Q 7 $ ' 1 ^Fr 1 q ; $/ 7;k # B H1 Honeypot !; & )7 T / s 1 2$3 $7' #" )?(s '+NP B r^O' $/ &r 1 )?( ) B .P 31 &, t q q' ' / 2 r &r q+ " r q #( ' / Honeypot $ ; %ˆ&r# ##4 7 ? #q H t &F; 1 q Honeypot ‰<< 2 ' P)Honeypot t # ./ q88 ' /t 7 #?( pP&1 H> &r# \51 q H 7; ./ 7p; " B' ( ; &p Deception B / ' 1 )?( q Honeypot 7 1 1 B 1 q R r" rs Honeypot j 7; $ qp Toolkit $ rq t;r $/ .UPW &1 Honeypot &rq "# &r 1 q q W1 q,4 B8AM;5B./ q1 # ^Frh Q RY1 s q)#' P r$ " q q / l &(K" &G &1 $/ t . &p $ U J d B 1 q C ;8 6 &r ' P q %s &p s 1 qO( 3 ;N 1 q d " !pF $ U J d B## )q . p $ q N1 \51 T #q 2_ &, ; t ^Fr s 1 f Y &r q s ) # F R r" %&1 @ /q,4 q # q / &, ; t q' O " & ( /' B# r ' ;r % oMO "# r^O' % "## q sD + p B 1 q q, pF r 1 &, ; t ^Fr B 1 q o "1 q $ [logZ@ O ". os ,P" IDS
$ %q ; 4 &r rq + q " Ps ## % # #&1 " # 1 L ##7 $ s 1 " , Qq q" P q L !; ^Fr # %7 >; B 1 q Y B r rIPV6 " L s gW 1 q; q' B 1 7 &1 . &, ; t q1 # " ^Fr s 1 Honeypot 1 " rs ##Honeypot B #s 1 q; Os D + p q " P 1 l$ &r rq s "%@; s ' F1 78 " @ O &1 q, p Gs r " !; q q' % B# # L IPv6 " L s W # q " r^Frq' B #( ' / Honeypot $ &' /#7 &1 @ s ' F1 5!Q &p s 1 Honeypot:Simple,Cost Effective &+8 q r* r r s Honeypot . &1 B r &N+ Detection %s H ".4/B 1 q ^Frs 1 M 7 '1 R r" t 7 >; " 1 q R r" s Honeypot $ /% B# # %&1 . s ' ;r .UPW s $/ honeypot &rq 7 4%"7 / t $/ t &rq $ B./ [ Response ZDE6 rq / 1 & HG C ##i YF #4 &p # q, pF " 4 t &r 1 q R+G $ qp q j k 7; b # &p 1 #q;r 5!Q 3 ;N B 1 q & %1 $/ # " T< #2_ 4 q s r&G " <./ q r&G )?( s . +NP 1 # 5!Q 7 ' pG r . Nk" 7 # B# # B./ q ! " T )?( ' 1 m# ## "MpF "#&, ; t &1 */ / #3 ;N q; &' P) O2_ # &rq ' / ' F1 T&p s ' / B .4 r$ T*/ M, W "& L_ t s 1 1 $/ t s 1 qp " ' p+. " / Tq +
t % " / &r F1 & ' ) q' " 1 q q " & L_ $ 1 r$ ' /7 ' k $1 ./ B# ## %&1 q/ / "# 2_ %s" q8O #M, W" 1 q rC # ' / 7 &rq H # 1 ] 5 # q q' / #&1 '&r# q \51 7; B# rq/ 1 % &1 p g/ 4 8 &G " ./ #' P €( &G &r # 1 # " H#s ' / &1 )?( %"./ #" '/ b<# # " q "b./ r$ L ' / ) q' &r 1 q _ # H#MpF q' / #&1 q; &r# ## " ' / # ## 8% $ 1 Honeypot ] 5 #B./ )?(&1 h, N' t r&r & ' q %&r $ T 1 q q+5 1 q r7 G s 1 %s" q, rM, W " & L_ .4 r$ q /%&1 B# # "s & d $/ s r " &1 &p "1 # )2_ & F 1 "q O 6 s . +NP Honeypot 7 >; M, W "& L_ &r./ M+ #7; &1 " rq 4?#4 # q qNO" ' / t $ /% 1 t Honeypot t &1 A 1 ./ 4?Honeypot #&rs ## B 1 &1 p 7 j k 7; " 1 q )?( # Ps . +NP j 1 #s ( 5!Q &1 . q,4 &r #q $/ t B # %&1 s o "@ / / " # 1 q )?(. "&, ; q & L)7 '1 / s 1 R r" Honeypot q, r d &1 `O )C!4 &r. # 1 ' 1 C!4 t &1 / s 1 B 1 T r#_ C!4 &r./ &' & HG "./ &' # s r&G &, 7 s 1 X B./ # r #( ' / q L1 &G $ 7 >; B #R r" Honeypot &1 $ " 1q sD + p t Honeypot T./ , &r&>% s 1 % B / 1 M p &1 ;a 1 1 q" P $
T# #$ q' M s 1 $/ t &rqP $ s 1 ^FrT?( t $ s HF s 1 s 1 " 1 q */ B rq t;r %&1 / "?( 0G H 0I
:@ :
E ? G #F!@
Honeypot# A 08 )J= :
Honeypot
, d ' /I $[M 5J KZ B 9
%&
#
: A #F!@
A K H! I
I i YF $ Q
1 I 1 " ; C" -7 = 1
C ?;( VMware Ts$_ 7 ; O LP2 &N/ s 1 q Q 4q &-./ q -" ' / " LP2 ) # B 1 q// v s LP2 ' 4/ # "#I $ R 1 1 "C/… $ R 1 . O1 LP2 7 2 ) #&N/ Ts LP2 3 `W V L1 L 7 T -q #O LP #&- &9 .W s & 1 7 > T.P/" 9 s $" "Linux Net ware q & I s" desktop T. s Š"s &` `4s$_ s 1 &9 U (Virtural Networking) " $ d &1 F- 2_ Real time &1 " & s 0)• ' drag and drop $ q ' F ( PXE R $s gW $ [ 1 VMware s " k &,/"I ./. ‹ " s" ‹ r&‹ rq;' ‹ / ‹%&‹ r.‹ ( ) ‹ 4 ;‹ &1 $ r b 4 &p s$‹ _ s‹ " ‹ /s$ ‹
rVMware .W
s ‹ 1 ‹ .O "q,4 VMware $ …&F #( ' /
M 5J Ki YF #&- 9 I ;- ; &1
q
.O " ,4 -7 .
!"#$ !"#%!"# !"##!"##!"##!"##!" & ' (
()
*
(
)
$ $
&
+
' ,-
"!
. #" # $ 2
'
(
$ / 0
() 0
"!
"1 !
' . '
'
#' 3
i Y‹ Fs ‹ 1#
s t p &; 1 "!5&r H1
‹ t‹q ‹ i Y‹ F ‹ $‹ 1 q, ‹ d s‹ " ‹ /$ s‹ l" &‹ N+ ?(
T ' /.
‹ 1 ‹ i Y‹ F
1 4% # q t
‹ O7‹ "< #‹ 1 ‹ 4q ?
W T ./ 4 # 1
t‹ ‹ ‹P T " s 0‹ ‹ H "' ‹ ‹ /s ‹ ‹)
' /# 4 1
‹ ‹ OM‹ ‹ W T' ‹ ‹ /&‹ ‹ ‹ 1
B # ./ 1 BBB "q' P # q+/
#
7 1= " ; 1 &' B 1 # - % -* P& #= 9 7 '1 $ X95
&-2 " G
Author: Satanic Soulful E-Mail: [email protected] [email protected] Developed In:Satanic Digital Network Security ™ Special TNX 2 :Hell Hacker – Mr.P Hacker – I loveu Mct Collector & X Hulk Research By:5/-\t4N1C ©®Copyright For : Satanic Team 2005-2006 For More Information Go to Http://Hack-er.cjb.net/
©®All Right Reserved For Persian Hacker’s Œ Mr.PHacker_Ir 2005-2006 For More Information Visit:Http://PersianHacker.Net/ B
1
"$ 9 7
=
&1 A 1
Life & Girl’s Is No Matter’s The End.
&+8 € 8 2;
%$#
! "# # $ %& &' ( )*+ & , -./ -0 &1 2$3 " 1 1 -#4 5&1 $ % 6 #( ' /& ) "$ 9 7 . /. "&+8 7 5 1 &+8 7 $ ./ # #( ' / &1 . '+ & ): < ) ; = " )7 >; "
2 -? 1 &+8 7 *+ $ #( ' / B./ @ !1 A 1 @1
" . /"7F &G -
( / !- '
" )E
/ C "D
$ Definitions and Value of Honeypots #' / "2 /!9; $ 7 G= ; "
42 &1 &H#" ' &1 " = 9 &-7 # -I &1 " " C # -I -& L 1 M 5= J K 7 & &+8 ' ( ) B ' P M 57 2# #C3 1$ # 9 =
& 8 &1 & 1 C4 1 #- " / 4 NO
" " /&1 ) -?(" 9 # N &1 C/7'0) 1 1 5!Q $" ".P R LP ' ' # ')= &9 = 1 -= ; T 91S = ; M O$ = ; $ U $ #$ 1 = 4" # #$#BBB " # B# #$V L1"I G -= .- &1 = ' 5" + <# 9 # "" 47 ' ) L1 )I G -&, ;I ' -&1 ./#@ /./# G & 1 " ; #7 1 1 5 &1 H1 " !; M O7 = , ' 1 # B7-J W " 9 ;)"./ # 5!Q 9 ##* P= 1 & Q7 '1 B#1 = ' R+ = G N1 LP.Y/ ;F #" & 1X M 5J K 2 &1 & 1 "&N O 7' 4 2#&1 " # - ;)M 5J K7 &(K" - + B./ [ 9 Z -?( 9 #F \51 9 &1 ./ # 5!Q ## 1 & 1 7 -" &' P ./##4 U # 5!Q &1 &- - 9P B -] P&' P
$ #( ' / 1 &- 1 5!Q ' /I @O"&1 M 5J K 6= '+NP" 5!Q = "%@; "^F- # N/#4@1 J KI #/ 1$&1 B - &9 =" 1 O 6"$_ . ' "&9 &1 M`' = a -= ;' / ' /I M 5 S%&9%= 1 ZS?- 5!Q = ##4=" 1 &- 1 &9 =" 1 ;5$ " 1 [ $ 1 S%" 9 O % # I # " -M;5&,I 5&1 ) O B H1 O 9 \51 " # 9 I &1 ./ # 5!Q [ " 1 &,5J K *_5Z F 9 #' P2#&1
7 &1 =$ &H## 9 2; "
$ 9 &-#
-&-C" P& S 4 H1
& '. ' X "/
#&c I
, -&d!4" # -I " /2" Q&1 R 1 /% 9 7 = )# #N' M3#&1 B# "% 1 &1 = 91 4 7' 4 2#&1 9P&1 e =%&9 7``Y' " 7 $ . J K$ #( ' / %= 1 7 '1 " &Q 1 9 B 1 M5 &1 M %" ##f `' 4 -7 &1 #4 ' /I % &-./= ' a -@O" # " /C Z ; " /C I #-
C` 7( ,g4! h Q$ %&1 "# $ iY 2#&1 = 1 $ # = LP2 "[ - #('/ %@1 $ "
*`
U#
a - ' /=" 1 &Q 1
O %#" " U' . 1 " / &1 C ) ' 1 *K BBB "BBBB O %M O $
9 7' 4 B &(K" %C ' /"#ZB 1 9 [ Y
,O= = 91 4$ . / j!Q 1 " 9 &1 - 1 # =" ; -L) &9 9P1 "R 4 "7' F)&1 j" " Md" C [ " /C Z M 5J K B " /= &+G&+G # ' = 4 / ;5&1 L .- # ' 7``Y' I, P9 %g/ &- &' 0)$1 " /=" 1 < $ 1 2#&1 ' /# #$ T 9 " 9 7' 4 2#&1 1 "!5 9 = -= H 1 ./# L = H#.;8? 5!Q &1 ' / B 1 F ' / " #&1 9 & 4 W %" = a -&1 " - &, ; = " /&1 9 I ' O " // ;, "./ ' ^Nk = # ' / "&9 % - ?(
@, ' & $" "J 9 7 # "$ l &Q 1 C" = ="9_-= H "M 5J K I # "%# 1 1 B. #( ' / ' /&1 #" "= 1 ="&&1 9 I , d = '/ I = , &,/"7 1 " )% [m.P) 9 M9 7 &1 &-*+ &G H1 ./ 79; *4 )#/7 &1 & O H1 1 & ( /' .4 2#&1 = 9 B#$ ; 2#&1 -&1 l = &, ". L &9 &1 ?( , 5" 1 31 # /= # ; V L1 B 1% P \51 M 5J K = 0H " & ) # 47 I G - ' <#F &,$ 9 P
1
$ " ' j!Q 1 L M 5= PK# "$ % " 9( ' 7``Y' = P 1 " F-#4 -$ ./# 1 g/ &- ,5J K j &1 &'1B 0) 2- R 4$
M- 1 4"I
9
)# & N &9 e B# ## " 9 g/ ' / 1 R " # -& N = 1 e -# / H# /$ n' # 1 ' / P ' /&1 &- ' / 4 #" 9 o T % 4./ 1 = 0)&, ' /$ &- 5!Q " B#1 4 0) , -^ N @ q( N 1 1 q &G Honeypot &p P #C" 2O &1 &r&>%$ .Y/ q Honeypot ^ N B./ %$ q, pF : &r. 7 $ HoneypotB 1 / q U s ;' / "R %s #& rq; M s 1 M1 O L1 t %] 5 #B 1 q; #$ / C 4#i YF B ' #( ' / M1 Oq( , ' Ys , p &1 &r 1 q qP N #q !; ^Fr$ #2_ q s r % "< MN s ' 5 r 7 4%gk IPv6 s &p Honeypot &r ./ \51 0 J N 7; "^ N M1 O 6 L q' $ " / 1 U &1 s O L1 << PM1 O 6 rq #( ' / $^ N $ Honeypot Ps 1 7 &'+ #( ' / 1 &r 1 q q 5!Q ' /@ t Honeypot I j" F "$ _ 1 = '+NP$ 5!Q #4S?-l$ $ B - = "%@;
F &9 I
# M 5J KI
LH
$M9
^, ' Y s & ) q ; &r 1 q q, r ^ N t 7 &'+ s + & # # B./ &' P) U # Honeypot B# "% 4 %q' l$ " Honeypot s 1 q( , ' Y l$ T _)q # "%31 # &rq( N # %&; d &1 B /; # %1 &rs 1 f Y s 1 %76" # t %B rq r d 7; &1 Honeypot q ; q, r t s u d &1 B 1 q $ _ "1 '+NP$ qN % $ rCv &p $ qpP : Honeypot 1 s R r &r./ qN 1 7 B q O. +NP: 1 s '+NP "$ _ q1 s R r 8 Honeypot t t q Honeypot t 1 A qN B 1 q & F %2 ( &p%C B 1 q S &( ` t "&, ; Ts#$# q)#/ 7; "[./ Q 7; "Z / q U &1 #/ Honeypot $ LH .( H #( ' /# 7 \51 B2 # # 7 # r7 " `O&+8 7 #7 &r./ Honeypot q Honeypot T 4q &GHoneypot I $ &-7 &1 & 1 #2_ $s 2_ C # !; # #q F #- P • w9 $ " 7' # &H "# " )?( # - M N • $ C ;N Q &1 T&9 q / $ X )?(ZqNO" B -q j" &9 # ' / 7 0* /%"7 ^ Nk -q q1!O ' / 7 1 7' P _, -J d %&-q $ [B -#_ 7 w8 1 s 1 Q4q)#/%I q d !; x #!1 x ' 9 #P• &' P)
$ q 5!QZ &, ; c L # #q 5!Q # - P • [ 4q > ' q -&G )?(&-7 M O )?(q O# H "q1 #
9
#-
P •
Honeypot s q s #q+ "# #s #/ 1 2 ( Honeypot B 1q s ; O " Pl$ s #tG rs ## By B rq s "%@; ## qpG r _ t Honeypot # 5!Q . 1 H) 7 G $" t # &p s &1 #g8 PHoneypot g/ r 4? # " . os ,P 4 x $yzzzz + s &1 B r 4? 1 . 1 H 7 G 1 # B rq + 4 x $ y g8 P %$" t # " rq . o s '+NPg8 P Honeypot &r " $ _ "1 . +NPt q Honeypot 1 qQ G 5!Q &r 1 q M+ #7; &1 " B 1 & F 1 %&r $ 1 q s# $l$ s # Honeypot tG r gk Honeypot g/ " + ? 1 # P g/ t 5!Q M, W " & L_ &r 1 q N 1 7 B./ d &1 . o 5!Q $ [ '$ "Z '/%Honeypot B 1 q q, r qp' r " L1 B{ %.;/&1 &rsLG &r q Q 7 s 1 Honeypot &rs s p' r " L1 1 B r 4? # q S0 B F #!O ' 7 ' ;r B|
g8 P %&r $ #$ ' 7 ' ;r &1 Honeypot q; O2 ' t 1 7 1 1 B / q . o&1 s '+NP q q' &1 B n 1 &p t "RAM . 1 H y{} 1 " B# rs$/ # % IPv6 # rL B~ Honeypot [ IDS Z q' s D + p q4 1 J!4 1 &+ 7 B rq rIPv6 " L s W 1 S 4q,4 q ' P)Honeypot t #& HG # Pt &r. s '+NP"&' 4 % q #4 Honeypot $# B r. o %
$
! "#
!!
Honeypot % & q( Nk A8 s #L Honeypot T D + p q ; & 7LH Honeypot &r 1 q ., 5 17 B 1q r H#s D + p r #&p, 1 q; s H#sD + p B rq <# # ( Nk & 8 O&N 8 Y, 1 #. #"W •y &1 &r r. o"s H q q 'NPg8 P Honeypot B 1A # %1 8 ' d
./ 2_ C # H#s ;' /& , 5 1 &rq!; Honeypot "MNP % " )?( &p L &1 r. o q; B 1 &' #Honeypot 1 q+N( t •{ R %s #B 1 q t s # ' s D + p &; t s HL B # % # # r& 4 "?( t &, ; t ' ./ 7p; IDS T# # L 7'p L %B ' $ sL_ Honeypot B #i YF 7p; Honeypot &p f `4 &1 B 1 q t s # " p # Pt g/ ' / C 'r7' P)./#&1 t &r./ p 7 &'+B 1 &' # H#s ;' / &1 #$ & d &p &1 &'1 " rq € P Honeypot ^, ' Y j s 1 t $ "j rq #( ' / Honeypot $ q5 &G T %j t $ #( ' / ./ 7p;B 1 q "( 'L ; H#q5 $ #( ' / " 1 &' # IDS $ ' ;r qp i YF & # # B 1 &' #q # s# $ 1 t $ qW /&Gs # Honeypot $ q5 &G&r# r 4 B 1q t &r 1 q Honeypot # 1 r &1 " qH HG ' F1 & # #B rq i YF % " P"l$ B 4\W1 %s" = 1 = o l" " % M 5= J K&-= G$ 1 -J K 7 #1 % 1 # " -?( # - ;)
2_
d 4= F
%
-2 -
&- #
= J K7 j
d 4= j = # B # 1 RY1 7 #
Honeypot 7; " ' ( , ' Y = , 9 "$ # Honeypot ' 1 &9 = 1 B# M9F ;- % P&-./ \51 &5 ;_ $ "# # %^, ' Y j &; ;P % '1 # "% R -" -= Honeypot •y R -" = Honeypot •{ '1 % ' P H HG&- - I ;- &1 = 1 87 " % O"^Nk A8 ' &1 ' 1 "B -• # I &- Q j Md #R -"B - 7 " F B - i YF # #Honeypot 1 )?( R -" -= Honeypot •y #"W '+NP" A = #R -" -= Honeypot =$/ & M 5 = ' / " " / 1 3 ;N % B 1 & 1 $ W / 1 )?( I . +NP‚ / B I C 5 &1 B./ #"W =$/ & = - l ){y &1 &=$/ & FTP X " / $ =# N " login &W( d I g8 P ./ 79; &' /#7 P$ 9 B 1 # -=$/& FTP ' /# B 1 % )#/R -" -= Honeypot $
./ /%". 1 R -" -= Honeypot = H ;- 1 I "##l ') % . ,4 " =" 1 LP2 &G&- ' 7 ) # ' F1 %B # " /&G 4 7 >; "# *` , 5 ' /&G B -[ MonitorZ 1 #"=$/& %= 1 = 1 %&N/ &-./ % #/ " -#4 .P 7; &-./ -?&1 2$3 &'+B - . .- $ = 1 = . +NP&-# \51 =$/ & = " / 7; I R - \51 7; " # #"W )?( # P M 5 ' / &1 H> ; )?( &- N 7 &1 B## ) B / 1 * /% H#= ' /&1 %&,/"&1 " /' /# 7 R -" - = Honeypot 7 , d $ 9 %" -. o =#"W 5!Q g8 P %&-./ &' 4 !; &1 @ 5!Q g8 P&Q R -" -Honeypot I 7' 4 7 >; B / 1 . o&1 & &7 HB 1 . 1 )?(I = 1 = &P )?(&- $./ #1 S 4 $ &G ; =$/ NO" ' / I $ R -" -Honeypot I .5 / &1 R -" - = Honeypot $ B # i YF N1 W( d #ZB# 1 2 KFSensor "Spector , Honeyd [ %' F1 BBB /J - 1 R -" = Honeypot •{ = M $ 3 ;N %B ( ' R -" = Honeypot " , 5 ' / $ %&- $ #( ' / = > =$/ & =LG : B #( ' / NO" = " / B 0) )?( ' 4 # NO" ' /I ".
FTP " / X- +Honeypot I &4 ; ) X "/I ; &1 NO" X- +I 1 ; 1 &' # ; B./ LG "#Honeypot j 7 PB -*` FTP ## 1 B "%./#&1 5!Q $ =# $ _ I $" ' P ; ; )?(# P&1 NO" ' / I B H1 U $ IRC . F I &' P) = rootkit = H#&-./ 7 R -" = Honeypot P7 "# g W I "# 0) ; O1 )?( ' P =" = & k P: B# ) U $ " = '+NP ; " # " &1 $1 R -" = Honeypot &- # \51 7; &' U' &- # F &1 )?( # P$ ' P << L1 e &' ; " ./ $ Honeypot j 7 $ #( ' / = 1 7 '1 I =" ' F #I L ' /# # `O&7; C &1 B 1 ./#&1 IP # ' / 6 &9 $ # R LP Honeypot & H I &-./ 79; " # # ' 4 # NO" M 5 ' / I )?( &I , - Q &1 B L1 & d &9 , d = ' / &1 ./ I = - 1 "!5 R -" Honeypot B #2_ = ' F1 ,4= -R -" -Honeypot & HG R -" "R -" -Honeypot &9 '1 P= 1 1 B " 1 & $ 7 # NO"C "#./ '1 B - j" R -" -= Honeypot
," -
Honeypot '( ) * +
#O #X " / I &-q # q Honeypot I &8 1 $ '1 q4 1 ƒu ; q+ "# @O"T# H1 O./ B./ # q #( ' / # s X " / &1 & 1 Honeypot I s . +NP Y1 ) B# ) O #( ' /# . ' . ' - ^F- qd `4 w9 # qk s 5 w 91 4 . ' # B./ ( . ' # Honeypot ## O B# )q OR %„ #.F Honeypot s MW $ q9 # q Honeypot I . ' w9 # #) O $ R %„ #s ,•y DMZ 0! /. F
&' ( )s MW # Honeypot 7' P)
O€ PM9 B #q B $# q %&1 &-# #q N " L "#7 $ 2 I 7' # 4 TR %„ #s , #Honeypot 7' P) O1 "#" q 71 $ R %„ #.F # )?( „ / .W ' / q, 4#w9 & ' [Honeypot *` $ n' Z qPk 4: B# q; ) # R M &' / 4 I P s 8 Honeypot I Honeypot ## O1 &- -q S0 "#_ &, ; s H+
•q; . oR %„ #g/ qN O "7 G R %„ #$ " 1 # 1& #s#5.+ #&-Z q, 4#?(i YF ' /"# B -q; + F 2v [ -q + F q # 4 7 G &- ./ 7 R %„ # s , Honeypot 7' P) O* 5 „ # )ƒ d `Y T 4q; * Pq' &1 q, 4# )?( Honeypot q' P #I P &_' #"q " 4 I P R % B -#"W &1 S 4 M I DMZ I " #Honeypot 7' P) O #DMZ " #s ' / H#. &-qQ &1 / q U s X " / g8 P&- q %$ B# O1 Honeypot 1 1 &1 M -q/ ' /#T # R %„ #$ 5 „$ $ # U &-7 &1 & 1 "M+ #7 &1 B. 79; DMZ *, 6 T./ L % QY " $ s -R %„ #s" g 7 O # R %„ #s , Honeypot ## Oq' + 7G # B# )q O& $" 1 \51 q TR %„ # .F Honeypot ## O w9 ) ƒ d `Y T# q, 4#w9 #s q' 4 7; Honeypot 1 1 #qPk R %s #g/ q, 4# I .F Honeypot ) &- 1 &' #& B 1 F U s Q R %„ #7 O 1 T #q OR %„ # B 1 $_ . ' $ q/ ' /#&- q 4 )?( I &- % q # " &1 q' O " M9F 7 V L1 d 7 #B# )q ' 4 # q, 4#Honeypot C '&1 Honeypot h Q$ q, 4#w9 &1 q/ ' /# 9 )?( &1 s#" " I P 5 &1 TI P 7 $ B# "% q ./# s#" "I P &-q %$ "# q &' P) U #Honeypot IP 7 5s , R %„ #T./ $_ Honeypot &1
B./ s " k q, 4#Honeypot # -7; 7 1 1 B# )q; q / R %„ # .F Honeypot 7' P) Oq, d M+ # B./ q, 4# )?( ; &1 DMZ " #Honeypot I ## OM 7 '1 q, 4# )?(q / J &-7 &1 &'1 B./ R %„ #I Md". ' . ' &1 q R %„ #T./ q 4 B# * I Honeypot h Q $ 4q ; .88 # 7; #I M1 8 # - &, ; qk P7; #I &1 " 1 B - U qNO" d &1 g 0+B ' 1 qk P Trojan Horse•y Backdoor•{ Intrusion Detection System•| Social Engineering•~ Sniffer•… DeMilitarized Zone•†
53 !4 Honeypot 2 1 Honeyd Niels g/ &- ./ R -" - Honeypot I Honeyd 1 $1 d &1 Honeyd B./ &' 4/ Provos
9P ZB./ &' 4/ X9 = , 5 ' / &5 ;_ = 1 " $ e / 1 Honeyd B [ ./ # 1 $" "=" &-=LG B./ 1 #( ' / M1 O 6 = IP 7' P) U O1 A &9 1 #( ' / M1 O 6IP I 1 1 &' # `O A )?( 1 " # - @ O , d &9 1 RQ B $ 1 O= l#4" O1 UDP "TCP ; Honeyd ] PR d &1 B - .o %= ' / 4 # ; " &' P) U $ ; f 4 I 7' P) U $ = 1 7 >; & -= 1 9 U# =$/ & X " / -{y TCP M9" =" &-FTP " / I =$/ A =$/ & X " / I 1 )?( &- ' O "B =$/ & = " / 1 " = '+NP ; O1 FTP X " / #! B# ) U $" # -. o H# &-=L = &;, -"= 1 -2 =$/ & ' /# " #( ' / " / FTP 7'9 = 1 )?( &1 " &- 1 ' " "%./#&1 #d &< . G" . "## ) =LG&GC # Honeypot &-## ) 1 =$/ & $ W / &1 &; &1 =$/ & = " / ' F1 B./ &' 0) ' 4 # = ' P $ d 4 j U' %B d I = ' P 7 &1 # -7 N !O&hQ " ' B # F R -" ) " 1 F R -"h Q7 $ ##2_ 7 A &, ; ) < 1 F R -" 7 $ # - -7 B &, ; ' /# )?( ) &-./ 7 # & 1 7 . #"W 7 1 1 B 1 F =$/ & %= 1 Y/ : &- -# "
B - C/ )?( = 1 1 Y/ &G &- # ; % 2v I • Honeyd • R -" -= Honeypot ' F1 M-Honeyd & 1 -$ ; B # F 4 B - F ./ # -=$/& FTP = 1 &' /#
(3 ! 6Honeypot 2 ) Honeynet R -" = Honeypot = 1 1 C I Honeynet M I %B 1 ; C `W I Honeynet B 1
B 1 ; *` a -I =" ' 1 &-= LP 2 $ * 5 1 &9 I B 1 = ;N I Honeynet 2_ %=" &- !; = 1 Q &aI &- 1 &' #= ;N I 1 & U 7 hQ B# ) &9 1 Q ; -#_ &9 =" 31 C 'B.P) U $"# -C '- ' 1 1 &'+ ) U # +4 1 O7 G &9 7 " # 9 # PB NO"= & 1 &a?( % #" - &, ; %&1 " # ' /7 C '- #LG&; N < = 9 " 9' 1 hQ &- # ; # 2_ -7 % ' O "&'+B 1 # P= . +NP ; B ' P) Honeynet I # ,P" M; &' P)SSH L = . F $ )?( & ' %&9% "1 &; "&; # O ' / #&L $ ; # B# . o" &' P) U $ B C ')?( = ; Honeynet 2 &1 = $" # g/ -7 Honeynet IP ; &1 $" # 7 B # 2_ Honeywall . 1 O= ' / .;/ &1 &- # $ =#" " IDS &1 L _ = ' / $ 1 "4I P + " ' 1 &- # 9 7 )?( &1 - 7 B - 5 # 1 &' # 1 O= ' / 1 = J N M1 OA ' / 7 $ #( ' / 1 )?(&-# ; ## $ % B -# "& d , d = ' /&1
LP2 $ = "` $ # 1 KfSensor
.
! 5$ ;: ( <: = :! > ,
8 4( - 7( ( ,8
89" : 1
Honeypot ?; @ ./ 2$3 #Honeypot j "# 1 q ' 1 q %&rC f `4 &1 T r 1 q' s # # % H "l$ &r #( ' / Honeypot $ 1 & HG &r# r 4 1& # # B r s 1 &r #Honeypot &' /#"# # r !O&r ; $ q' O "B )q O &N+ # 88 W "J $ .UPW s 1 + 3 `W d &1 Honeypot q( , ' Y # # q r q #( ' / $/ &1 */ / "^FrT.UPW q &, ; $ r.UPW r&1 q 88 W . # %q' O "B# r 1 &, ; t q s "%@; s 1 2$3 5!Q Honeypot 1 q 5 B rq € P^, ' Y s $/ s 1 5!Q 7 &'+B r r T rq / #4q" 1 ; # Y1 s $ q L $/ 7 / F1 #4 p1 4 4" B r #( ' / Honeypot &' /#7 R r" rs Honeypot r 1 q, r d &1 Y1 ) &p d # " q r &1 s + 3 `W 5 &1 &1 &p s" q 88 Ws , ;5 s 1 R r" s Honeypot H#J # q %$ 2 r &'+B q &' P) r B " r&1 L t;r $ # &/ # q q + s Honeypot r [ PreventionZ s HF [ Detection Z^Fr q1 # [ Response Z /
•y •{ •|
!; $ q q( , ' Y s $ Honeypot rM # q 2_ qp d &1 &rq!; ' 1 B r &r rq r d 7 &1 !; 7 B Auto-rooter " &p $ q_ t L1 $ q N1 $ #( ' / 1 )?( &p 7 # # s " / s 0 * /% # rR 7 &1 T# s 0 * /% # r $ X L1 7 r #+ % q;' /q' O "&r //2 r Z B rq &, ; '/ TqP #` IP e #%t &,/"&1 "t d &1 # rq Honeypot &rq " B[# rq #+ %L s H# ' / ./ 7 rq #( ' / !; & )7 $ &p .UPW s 1 %q' " r r !; & H .5 / q &r s Honeypot Honeypot $ &' /# 7 &1 < r ^O' B )q [ StickyZ G #&r q e #%$ &' /# %T Honeypot M 7 # F R r" %&1 " )q U #T q; #( ' / &p R `O )?( S Y & 1 t &p H qN B #q q e #%$ &' /# %&1 Honypot T# # e #%$ q_ 1 C s 1 #q F R r" 1 q; # &p #&r q &' % !; & )7 " TCP s v $ #( ' / B r C#)t # )?( T ( d _ 2v ## 1 T& ; s 1Z s 1 7 [ rC/ H#s &'1 ' #q M &rq r 1 1 #.UPW " F' .5 / # r&' % B./ */ 1 #q O2_ # q, 4#&p B 1 q Honeypot $ &' /#7 "L LaBrea R r" rHoneypot t 5&1 *, 6 Gs Honeypot B q &' 4 ‡(
1 3 A!0!:s Honeypot % q ; &'+Z [ rq r&p # )?(t ?(.5 /g8 P %&r $ )?( f Y $ ; $/ q 7 >; Honeypot " \51 &r 1 q s &, g8 P r7 &'+B r.UPW r&G ./#"n) )?( qN B# q )?( S 5 1 R ) # &,/" &1 " .O "h Q 7 $ ' 1 ^Fr 1 q ; $/ 7;k # B H1 Honeypot !; & )7 T / s 1 2$3 $7' #" )?(s '+NP B r^O' $/ &r 1 )?( ) B .P 31 &, t q q' ' / 2 r &r q+ " r q #( ' / Honeypot $ ; %ˆ&r# ##4 7 ? #q H t &F; 1 q Honeypot ‰<< 2 ' P)Honeypot t # ./ q88 ' /t 7 #?( pP&1 H> &r# \51 q H 7; ./ 7p; " B' ( ; &p Deception B / ' 1 )?( q Honeypot 7 1 1 B 1 q R r" rs Honeypot j 7; $ qp Toolkit $ rq t;r $/ .UPW &1 Honeypot &rq "# &r 1 q q W1 q,4 B8AM;5B./ q1 # ^Frh Q RY1 s q)#' P r$ " q q / l &(K" &G &1 $/ t . &p $ U J d B 1 q C ;8 6 &r ' P q %s &p s 1 qO( 3 ;N 1 q d " !pF $ U J d B## )q . p $ q N1 \51 T #q 2_ &, ; t ^Fr s 1 f Y &r q s ) # F R r" %&1 @ /q,4 q # q / &, ; t q' O " & ( /' B# r ' ;r % oMO "# r^O' % "## q sD + p B 1 q q, pF r 1 &, ; t ^Fr B 1 q o "1 q $ [logZ@ O ". os ,P" IDS
$ %q ; 4 &r rq + q " Ps ## % # #&1 " # 1 L ##7 $ s 1 " , Qq q" P q L !; ^Fr # %7 >; B 1 q Y B r rIPV6 " L s gW 1 q; q' B 1 7 &1 . &, ; t q1 # " ^Fr s 1 Honeypot 1 " rs ##Honeypot B #s 1 q; Os D + p q " P 1 l$ &r rq s "%@; s ' F1 78 " @ O &1 q, p Gs r " !; q q' % B# # L IPv6 " L s W # q " r^Frq' B #( ' / Honeypot $ &' /#7 &1 @ s ' F1 5!Q &p s 1 Honeypot:Simple,Cost Effective &+8 q r* r r s Honeypot . &1 B r &N+ Detection %s H ".4/B 1 q ^Frs 1 M 7 '1 R r" t 7 >; " 1 q R r" s Honeypot $ /% B# # %&1 . s ' ;r .UPW s $/ honeypot &rq 7 4%"7 / t $/ t &rq $ B./ [ Response ZDE6 rq / 1 & HG C ##i YF #4 &p # q, pF " 4 t &r 1 q R+G $ qp q j k 7; b # &p 1 #q;r 5!Q 3 ;N B 1 q & %1 $/ # " T< #2_ 4 q s r&G " <./ q r&G )?( s . +NP 1 # 5!Q 7 ' pG r . Nk" 7 # B# # B./ q ! " T )?( ' 1 m# ## "MpF "#&, ; t &1 */ / #3 ;N q; &' P) O2_ # &rq ' / ' F1 T&p s ' / B .4 r$ T*/ M, W "& L_ t s 1 1 $/ t s 1 qp " ' p+. " / Tq +
t % " / &r F1 & ' ) q' " 1 q q " & L_ $ 1 r$ ' /7 ' k $1 ./ B# ## %&1 q/ / "# 2_ %s" q8O #M, W" 1 q rC # ' / 7 &rq H # 1 ] 5 # q q' / #&1 '&r# q \51 7; B# rq/ 1 % &1 p g/ 4 8 &G " ./ #' P €( &G &r # 1 # " H#s ' / &1 )?( %"./ #" '/ b<# # " q "b./ r$ L ' / ) q' &r 1 q _ # H#MpF q' / #&1 q; &r# ## " ' / # ## 8% $ 1 Honeypot ] 5 #B./ )?(&1 h, N' t r&r & ' q %&r $ T 1 q q+5 1 q r7 G s 1 %s" q, rM, W " & L_ .4 r$ q /%&1 B# # "s & d $/ s r " &1 &p "1 # )2_ & F 1 "q O 6 s . +NP Honeypot 7 >; M, W "& L_ &r./ M+ #7; &1 " rq 4?#4 # q qNO" ' / t $ /% 1 t Honeypot t &1 A 1 ./ 4?Honeypot #&rs ## B 1 &1 p 7 j k 7; " 1 q )?( # Ps . +NP j 1 #s ( 5!Q &1 . q,4 &r #q $/ t B # %&1 s o "@ / / " # 1 q )?(. "&, ; q & L)7 '1 / s 1 R r" Honeypot q, r d &1 `O )C!4 &r. # 1 ' 1 C!4 t &1 / s 1 B 1 T r#_ C!4 &r./ &' & HG "./ &' # s r&G &, 7 s 1 X B./ # r #( ' / q L1 &G $ 7 >; B #R r" Honeypot &1 $ " 1q sD + p t Honeypot T./ , &r&>% s 1 % B / 1 M p &1 ;a 1 1 q" P $
T# #$ q' M s 1 $/ t &rqP $ s 1 ^FrT?( t $ s HF s 1 s 1 " 1 q */ B rq t;r %&1 / "?( 0G H 0I
:@ :
E ? G #F!@
Honeypot# A 08 )J= :
Honeypot
, d ' /I $[M 5J KZ B 9
%&
#
: A #F!@
A K H! I
I i YF $ Q
1 I 1 " ; C" -7 = 1
C ?;( VMware Ts$_ 7 ; O LP2 &N/ s 1 q Q 4q &-./ q -" ' / " LP2 ) # B 1 q// v s LP2 ' 4/ # "#I $ R 1 1 "C/… $ R 1 . O1 LP2 7 2 ) #&N/ Ts LP2 3 `W V L1 L 7 T -q #O LP #&- &9 .W s & 1 7 > T.P/" 9 s $" "Linux Net ware q & I s" desktop T. s Š"s &` `4s$_ s 1 &9 U (Virtural Networking) " $ d &1 F- 2_ Real time &1 " & s 0)• ' drag and drop $ q ' F ( PXE R $s gW $ [ 1 VMware s " k &,/"I ./. ‹ " s" ‹ r&‹ rq;' ‹ / ‹%&‹ r.‹ ( ) ‹ 4 ;‹ &1 $ r b 4 &p s$‹ _ s‹ " ‹ /s$ ‹
rVMware .W
s ‹ 1 ‹ .O "q,4 VMware $ …&F #( ' /
M 5J Ki YF #&- 9 I ;- ; &1
q
.O " ,4 -7 .
!"#$ !"#%!"# !"##!"##!"##!"##!" & ' (
()
*
(
)
$ $
&
+
' ,-
"!
. #" # $ 2
'
(
$ / 0
() 0
"!
"1 !
' . '
'
#' 3
i Y‹ Fs ‹ 1#
s t p &; 1 "!5&r H1
‹ t‹q ‹ i Y‹ F ‹ $‹ 1 q, ‹ d s‹ " ‹ /$ s‹ l" &‹ N+ ?(
T ' /.
‹ 1 ‹ i Y‹ F
1 4% # q t
‹ O7‹ "< #‹ 1 ‹ 4q ?
W T ./ 4 # 1
t‹ ‹ ‹P T " s 0‹ ‹ H "' ‹ ‹ /s ‹ ‹)
' /# 4 1
‹ ‹ OM‹ ‹ W T' ‹ ‹ /&‹ ‹ ‹ 1
B # ./ 1 BBB "q' P # q+/
#
7 1= " ; 1 &' B 1 # - % -* P& #= 9 7 '1 $ X95
&-2 " G
Author: Satanic Soulful E-Mail: [email protected] [email protected] Developed In:Satanic Digital Network Security ™ Special TNX 2 :Hell Hacker – Mr.P Hacker – I loveu Mct Collector & X Hulk Research By:5/-\t4N1C ©®Copyright For : Satanic Team 2005-2006 For More Information Go to Http://Hack-er.cjb.net/
©®All Right Reserved For Persian Hacker’s Œ Mr.PHacker_Ir 2005-2006 For More Information Visit:Http://PersianHacker.Net/ B
1
"$ 9 7
=
&1 A 1
Life & Girl’s Is No Matter’s The End.
&+8 € 8 2;
Related Documents
Honeypot
November 2019 13
Ids Honeypot
December 2019 32
Amun-honeypot
June 2020 4
