About:
Tiny Honeypot (thp) is a simple honey pot
program based on iptables redirects and an
xinetd listener. It listens on every TCP port not
currently in use, logging all activity and
providing some feedback to the attacker. The
responders are entirely written in Perl, and
provide just enough interaction to fool most
automated attack tools, as well as quite a few
humans, at least for a little while. With
appropriate limits (default), thp can reside on
production hosts with negligible impact on
performance.
Author:
George Bakos
Homepage:
http://www.alpinista.org/thp/
Tar/GZ:
http://www.alpinista.org/files/thp/thp-0.4.6.tar.gz
Changelog:
http://www.alpinista.org/files/thp/thp-0.4.6/CHANGELOG
Debian package:
http://packages.debian.org/tinyhoneypot
Dependencies:
iptables (required)
xinetd (recommended)
» Rating:
8.47/10.00
(Rank N/A)
» Vitality: 0.00% (Rank 13592)
» Popularity: 1.03% (Rank 5583)

Record hits: 10,807
URL hits: 5,284
Subscribers: 24
Comments
The perfect IDS spice
by Bill Scherr IV - Aug 1st 2002 13:28:02
This package is perfect for those who are not intimately familiar with
packet bits and C source code. The listener is just that, a listener. The
responses are there to elicit a further degree of attacker activity
without actually running the service. Attackers won't know what they're
hitting until they've tipped their hands!
What does this do for you? If you want to understand more about network
shenanigans, this will lay bare RPC and FTP attacks. It's in PERL, so if
you want more services, grab an RFC and write it! A CAVEAT! If you're
running a production network, think long and hard before putting this up!
If you are not comfortable that your IDS is showing you everything, don't
even think about it! Just say no!!!!
If you are still here, that means you know what xinetd and iptables do,
can analyze their settings, and have them working. Open this in a test
directory, and check out what it does first! You may have to manually add
some rules, or adjust some services. Do it, and enjoy watching the script
kiddies bounce off your walls.
-- Bill Scherr IV, GSEC, GCIA
EWA / Information & Infrastructure Technologies
Colchester, VT