Re: Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet citi.umich.edu USER_IN_DEF_WHITELIST autolearn=ham version=2.61

From: Ryan Barnett <RCBarnett_at_hushmail.com>
Date: 21 Jan 2004 14:46:58 -0000

('binary' encoding is not supported, stored as-is) In-Reply-To: <20040121085146.GW5496_at_citi.citi.umich.edu>

I am assuming this advisory is in response to the recent Phrack "fake" article entitled "Advanced Honeypot Identification" -http://www.phrack.org/fakes/p63/p63-0x09.txt

It discusses some interesting issues with sebek, honeyd and vmware virtual honeypot systems.

-Ryan

>-----BEGIN PGP SIGNED MESSAGE-----
>
>Honeyd Security Advisory 2004-001
>=================================
>
>Topic: Remote Detection Via Simple Probe Packet
>
>Version: All versions prior to Honeyd 0.8
>
>Severity: Identification of Honeyd installations allows an
> adversary to launch attacks specifically against
> Honeyd. No remote root exploit is currently known.
Received on Wed Jan 21 2004 - 10:44:29 PST

Honeyd Resources

Honeyd Research

Honeypot Resources

Honeypot Books

Happy Hacking

Support Honeyd

Search Amazon

Re: Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet citi.umich.edu USER_IN_DEF_WHITELIST autolearn=ham version=2.61