Comments on Fred Cohen's "Deception Toolkit"

From: Jeremy Epstein (jepsteinat_private)
Date: Wed May 13 1998 - 11:54:28 PDT

  • Next message: Shane Mason: "RE: PPTP (again)"

    A couple of months ago Fred Cohen announced the availablility of his
    "deception toolkit" (details are available at  It's
    basically a set of tools that you can put on your system to simulate a
    "honeypot", that do lots of logging.  For example, you put his "telnet" out
    there and find people rattling doorknobs (rather than just having nothing
    to respond, in which case you're less likely to know that someone was
    trying).  My initial inclination is that it's a pretty lame excuse for an
    intrusion detection system, but am looking for more knowledgable opinions!
    Anyway, I've looked around the net (including searching archives of this
    list), and have found very little discussion of his "product".  Any
    opinions out there?
    Thanks for your input!

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:13 PDT