This is a discussion on "Honeyd on firewall machine ?" within the comp.unix.bsd.openbsd.misc forums, part of the OpenBSD category.
Is it folly to run honeyd on a firewall machine? I see comments to the effect that one should not do this since a honeypot will be interacting with hostile agents. But the firewall logs show that the firewall is interacting with hostile agents all the time.

While I do separate the mail and other servers in a small business environment, I am comfortable running spamd on the firewall and watch the log with some interest. Could I reasonably do the same with honeyd in a systrace sandbox?
George Pontis wrote:
> Is it folly to run honeyd on a firewall machine ? I see comments to
> the effect that one should not do this since a honeypot will be
> interacting with hostile agents. But the firewall logs show that the
> firewall is interacting with hostile agents all the time.

But a firewall should not run services. Any services. Certainly not supposedly vulnerable services. That is plain stupid.

> While I do separate the mail and other servers in a small business
> environment, I am comfortable running spamd on the firewall and watch
> the log with some interest. Could I reasonably do the same with honeyd
> in a systrace sandbox ?

Use a machine in a DMZ, safely contained...

EJ
--
Remove the obvious part (including the dot) for my email address.
http://www.vanwesten.net for examples of ipf and pf.
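
One way to express the "machine in a DMZ, safely contained" advice in pf, as an added example that is not part of the original thread. The interface names, addresses and macro names are placeholders (assumptions), and the syntax is that of current OpenBSD pf.conf.

```pf
# Added example: three-legged firewall with the honeypot on its own DMZ
# segment. All names and addresses below are placeholders (assumptions).
ext_if   = "em0"            # Internet-facing interface
int_if   = "em1"            # internal LAN
dmz_if   = "em2"            # DMZ segment holding only the honeypot host
honeypot = "192.0.2.10"     # documentation-range address, not a real host
lan_net  = "10.0.0.0/24"

set skip on lo

# Default deny, logged. The firewall itself offers no services.
block log all

# Containment: the honeypot may never open a connection of its own,
# neither to the LAN, the firewall, nor the Internet. Replies to
# connections passed below still flow because they match existing state,
# which pf checks before evaluating the ruleset.
block in log quick on $dmz_if all

# Hostile traffic is steered to the honeypot and logged on the way in.
pass in log on $ext_if inet from any to $honeypot
pass out on $dmz_if inet from any to $honeypot

# Normal LAN traffic, including admin access to the honeypot.
pass in on $int_if inet from $lan_net to any
pass out on $ext_if inet from $lan_net to any nat-to ($ext_if)
```

Entries logged by the `block in log quick on $dmz_if` rule are the ones to alert on: any packet the honeypot originates means the decoy host is doing something it was never meant to do.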