[ previous ] [ next ] [ threads ]
 
 From:  John Smith <jvin248 at gmail dot com>
 To:  Drew Lehman <dlehman at digitatech dot com>
 Cc:  m0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] m0n0wall and virtual honeypot.
 Date:  Wed, 10 Dec 2008 16:57:04 -0500
Ok, this made me curious enough to do a bit of research...

Suggested system for a honeypot but not exactly auto updating:
http://asashi.net/pages/monopubip.html

pfSense may have a way to do it (I like the 'for your amusement' part):
"DenySSH monitors the auth log of a BSD system for failed SSH login 
attempts and adds repeat attackers to a Packet Filter table, allowing 
you to define PF rules to block the attacking hosts or redirect them to 
a honeypot for your amusement" http://www.ohloh.net/tags/freebsd/security

http://cvstrac.pfsense.org/honeypot

http://xkcd.com/350/


Drew Lehman wrote:
> Has anyone already played with the idea of having a honeypot that sends
> information to the monowall to block any address that accesses the honeypot.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>