Sweet!
I subscribed and will deploy a honeypot over the weekend. :)
Gadi Evron wrote:
Hi all.
The honey pot "dump" mailing list is ready. Point your servers to
report to;
[EMAIL PROTECTED]
To get us started I am quoting Jeremy, who came up with the idea of us
pointing our nepethes sensors to a mailing list.
He is providing with simple instructions on how to get started using
nepethes, and how to point them to dump results to the new mailing list.
The mailing list which was created is at:
[EMAIL PROTECTED]
Subscribe at:
http://whitestar.linuxbox.org/mailman/listinfo/honeydump
Jeremy's how-to:
----------------
If you just want to get a nepenthes malware collection box up and
running, there is a ready to run vmware appliance available at:
http://www.dalmatech.com/downloads/Nepenthes.20.zip
I have no affiliation with the company, but this vmware appliance is
nice, precompiled, and has a great web interface. Just edit the
submit-norman.conf like so:
submit-norman
{
// this is the adress where norman sandbox reports will be sent
email "[EMAIL PROTECTED]";
urls ("http://sandbox.norman.no/live_4.html";,
"http://luigi.informatik.uni-mannheim.de/submit.php?action=verify";);
};
And then, in nepenthes.conf, uncomment the line "submitnorman.so",
"submit-norman.conf", ""
There is a little write-up on basic usage here:
http://www.securityfocus.com/infocus/1880
And the homepage for nepenthes is here: http://nepenthes.mwcollect.org/
_______________________________________________
botnets@, the public's dumping ground for maliciousness
All list and server information are public and available to law
enforcement upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
--
Charles Wyble (818) 280 - 7059
http://charlesnw.blogspot.com
CTO Known Element Enterprises / SoCal WiFI project
_______________________________________________
botnets@, the public's dumping ground for maliciousness
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
