Charles Wyble
Sat, 30 Aug 2008 06:27:25 -0700
Sweet! I subscribed and will deploy a honeypot over the weekend. :) Gadi Evron wrote:
Hi all.The honey pot "dump" mailing list is ready. Point your servers to report to;[EMAIL PROTECTED]To get us started I am quoting Jeremy, who came up with the idea of us pointing our nepethes sensors to a mailing list.He is providing with simple instructions on how to get started using nepethes, and how to point them to dump results to the new mailing list.The mailing list which was created is at: [EMAIL PROTECTED] Subscribe at: http://whitestar.linuxbox.org/mailman/listinfo/honeydump Jeremy's how-to: ---------------- If you just want to get a nepenthes malware collection box up and running, there is a ready to run vmware appliance available at: http://www.dalmatech.com/downloads/Nepenthes.20.zip I have no affiliation with the company, but this vmware appliance is nice, precompiled, and has a great web interface. Just edit the submit-norman.conf like so: submit-norman { // this is the adress where norman sandbox reports will be sent email "[EMAIL PROTECTED]"; urls ("http://sandbox.norman.no/live_4.html";,"http://luigi.informatik.uni-mannheim.de/submit.php?action=verify";);}; And then, in nepenthes.conf, uncomment the line "submitnorman.so", "submit-norman.conf", "" There is a little write-up on basic usage here: http://www.securityfocus.com/infocus/1880 And the homepage for nepenthes is here: http://nepenthes.mwcollect.org/ _______________________________________________ botnets@, the public's dumping ground for maliciousnessAll list and server information are public and available to law enforcement upon request.http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
-- Charles Wyble (818) 280 - 7059 http://charlesnw.blogspot.com CTO Known Element Enterprises / SoCal WiFI project _______________________________________________ botnets@, the public's dumping ground for maliciousness All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets