CRIME Recommended Honeypot Tools?

From: Clint Kaiser (clint.kaiser@private)
Date: Mon Apr 21 2003 - 14:52:40 PDT

Next message: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"

Previous message: Raan Young: "CRIME Cyber War on Frontline"
Next in thread: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"
Reply: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"
Reply: Andrew Plato: "RE: CRIME Recommended Honeypot Tools?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi folks,

Does anyone have experience with the open honeypot project?  I'm looking
for a recommendation on honeypot tools. 

Clint Kaiser
Director of Information Security
First Technology Credit Union

-----Original Message-----
From: Crispin Cowan [mailto:crispin@private] 
Sent: Thursday, April 10, 2003 6:41 PM
To: Steve Coffman
Cc: crime@private
Subject: Re: CRIME dnj cum get some fmmwmm

Steve Coffman wrote:

> It really makes one wonder. Do they know what kind of list this is?

Of course not. The essence of spam is shotgun marketing, where you blow 
out as much crap as you can in the hopes of hitting a customer, with no 
regard what so ever for who ever else you might hit. A recent study 
found that 90% or more of spammed e-mail addresses were harvested by 
robots that collect e-mail addresses found on web pages. *Note:* that 
includes posts to this list, which are publicly archived.

> On the other hand, can anyone take any actual action against them?

A little 
<http://directory.google.com/Top/Computers/Internet/Abuse/Spam/?tc=1>. 
Personally, I use spamcop <http://spamcop.net/>. In practice, it likely 
does very little damage to spammers, but it does hurt them a bit, and 
tools like that are the only leverage we have that pushes back against 
the spammers at all.

I also have recently begun using Mozilla 1.3 
<http://www.mozilla.org/releases/#1.3> (the Immunix 
<http://nxnw.org/distro/nxnw.org/RPMS/> version) as my mail client, 
which includes Bayesian spam filtering 
<http://www.mozilla.org/mailnews/spam.html>. This works quite well, but 
unlike things like Spamcop, client-side filtering does not hurt the 
spammers *at all*, and just invites the spammers to to send even *more* 
spam, with even more variant spelling and formatting to try and evade 
filtering.

Crispin

-- 
Crispin Cowan, Ph.D.                      http://wirex.com/~crispin/
Chief Scientist, WireX                    http://wirex.com
HP/Trend Micro Immunix Secured Solutions
http://h18000.www1.hp.com/products/servers/solutions/iis/
			    Just say ".Nyet"

Next message: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"
Previous message: Raan Young: "CRIME Cyber War on Frontline"
Next in thread: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"
Reply: Crispin Cowan: "Re: CRIME Recommended Honeypot Tools?"
Reply: Andrew Plato: "RE: CRIME Recommended Honeypot Tools?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 21 2003 - 15:39:50 PDT