|
Search Tech-Forums - link takes you to our Forum's search page. Note: The following is only a text archive! To view the actual forum discussion, please visit our website at http://www.tech-forums.net Pages:1 Detecting Botnets Using a Low Interaction Honeypot(Click here to view the original thread with full colors/images)Posted by: office politics [url=http://www.infosecwriters.com/text_resources/pdf/Honeypot_Mambo_JRiden.pdf]Detecting Botnets Using a Low Interaction Honeypot[/url] by Jamie Riden on 23/03/06 This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version. vBulletin Copyright ©2000 - 2003, Jelsoft Enterprises Limited. PPC Management vB Easy Archive Final - Created by Xenon |