Don's Pages and my Music

Monday, September 23, 2013

An App called Portspoof, that reminds me of Honeyd Virtual Honeypot, but with an added Bonus

Here's an App, called Portspoof, that reminds me of Honeyd Virtual Honeypot. "Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses - I have tested up to 65536 - on a LAN for network simulation. Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems." I've used Honeypot on several systems, since 2005. But, Portspoof, has an interesting added use. "Portspoof can be also used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. In practice this means that your server will be able to exploit your attackers' tools and exploits in an automated manner. This approach is purely based on Active (Offensive) Defense concepts." So, if you are interested in Protecting your System from Port Scanners and other such Attacks. Check them both out...

Don 

Portspoof

Art of Annoyance and Camouflage

The Portspoof program primary goal is to enhance OS security through a set of techniques that will slow down and keep your attackers out from staying low profile during their reconnaissance against your system(s).

By default the attacker's reconnaissance phase should be time consuming and easily detectable by your intrusion detection systems...

Art of Active (Offensive) Defense

Portspoof can be also used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. In practice this means that your server will be able to exploit your attackers' tools and exploits in an automated manner. This approach is purely based on Active (Offensive) Defense concepts.

Portspoof is meant to be lightweight, configurable, fast and secure (if it's not - please let me know)

Check it out:


Read More and see Demo Videos...
http://portspoof.org/

Honeyd Virtual Honeypot

Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses - I have tested up to 65536 - on a LAN for network simulation. Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.

Honeyd is open source software released under GNU General Public License. Even though Honeyd is used commercially by many companies, it is being developed in my spare time without any financial support. Nontheless, I always appreciate a reduction of my wishlists, if you feel so inclined. The README in Honeyd's source distribution and the acknowledgments page lists a number of people who have contributed code and ideas.

Current Status

Honeyd is maintained and developed by Niels Provos. Honeyd 1.5c has been released on 2007-05-27 and the next version is currently being developed.

Go there...
http://www.honeyd.org/



Portspoof Program to enhance OS security using techniques that will slow down and keep your attackers out from staying low profile during their reconnaissance against your system and can also Exploit the Attackers System and Honeyd Virtual Honeypot


» Linuxaria – Everything about GNU/Linux and Open source PortSpoof – An interesting anti-snooping tool for Linux
Portspoof - About
portspoof/DOCS at master · drk1wi/portspoof · GitHub
portspoof/ChangeLog at master · drk1wi/portspoof · GitHub
portspoof/COPYING at master · drk1wi/portspoof · GitHub
The Portspoof - Active Defense against port scanners - YouTube
The Portspoof - Exploiting your attackers exploits - YouTube
Nmap exploit - http-domino-enum-passwords.nse - YouTube
Http:BL Application Programming Interface (API) | Project Honey Pot
Developments of the Honeyd Virtual Honeypot


No comments:

Post a Comment