Description: Our friends over at BruteForce Labs decided to give us all a little present this holiday season. As I have spoke about on TekTip episodes in the past, BruteForce Labs has been working on a distro that combines many of the different honeypot projects and their addon modules. As Backtrack is to offense, and The Security Onion is to defense, HoneyDrive is the premiere honeypot distro.
HoneyDrive includes and is configured to run the following honeypots out of the box:
Kippo: Medium interaction SSH honeypot. Includes Kippo-Graph and Kippo2MySQL.
Honeyd: Low interaction flexible honeypot. Includes Honeyd2MySQL and Honeyd-Viz
Dionaea: Honeypot designed to collect malware and exploits.
Misc Honeypots: Sticky honeypot, Tiny honeypot, IIS Emulator (for Honeyd), InetSim, and SimH.
In addition to the honeypot software Honeydrive also includes a suite of tools for analysis, forensics, monitoring, and reverse engineering. Included in this list is our own tool Automater!
Tekdefense.com
1aN0rmus@tekdefense.com
http://www.securitytube.net/user/1aN0rmus
www.youtube.com/user/TekDefense
Tags: Honeydrive , honeypot , IDS , malware , Mysql , apache , kippo , kippo-graph , honeyd , honeyd-viz , scripts , Dionaea , phplite , Labrea , Tiny Honeypot , IIS Emulator , INetSim , SimH , EtherApe , wireshark , ClamAV , thop , P0f , flawfinder , Automater , Netcat , ssdeep , md5deep , pdftk , flasm , 1aNormus , TekDefense , TekTip ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
nice