|Flypaper--A simple Honeypot variation|
- PGP Keys
- Vossen's Law
- Firewall Rules
- Home Net Security
- Snort Books
- Sec Tools
- Honeypot Stats
- Firewall Stats
- IP Calcs
- SME Server
- Backup (DI-30)
- Win Tools
- Win. Shell Scripting
- POSIX Redirection
In March of 2003 I put together a setup that I've been calling my "honeypot." It isn't though and I realized that I'm creating a little confusion by calling it that.
A traditional honeypot is intended to be hacked and allow you to watch what the hacker does in other to learn about hackers and their methods. That is not what I'm doing here. My goal is to catch the packets buzzing by on the Internet. I want to see who is scanning or attacking what ports. My machine has never hosted any public service--anything that reaches it is uninvited. That's the point. I want to catch the stuff that just flys by.
So it's kind of like Internet flypaper.
That's what I'm calling it. A quick Google search for "honeypot flypaper" turned up three references that seem to be talking about the same sort of idea (1, 2, 3). It also turned up some interesting adult slang that I'm not going to get into here.
The statistics from my Internet Flypaper are automatically updated every Sunday morning, so you can see what's hitting the 'Net in my small corner.
Eventually I want to add a "How To" document here. At the moment I'm still experimenting with the setup when I have time. But I will share a few details to give you an idea and to show the amount of resources you don't need to have.
Most of the hardware is junk, and all of the software is free.
Last Modified: $Date: 2007-11-28 02:26:46 -0500 (Wed, 28 Nov 2007) $