On Wed, 20 Jun 2001, Nicolas Gregoire wrote: > I plan to make a website just for my pen-tests. > > This website grabs as much as possible info from the visitors (IP, > browser, proxy, etc ..), tries to exploit some common vulns of browsers > (Guninski's page is a good start for this) and hosts a passive > fingerprinting app. > The victims are "spammed" with some misc. content (p0rn, free CD/DVD, > jokes) linking (or redirecting) to the site. > > Has anybody ever do that ? Hmm, I have done this before, but for different reasons. When I do assessments, I like to run a simple honeypot on my laptop. Consider this a passive assessment, while you are out looking for issues, things might come looking for you (viruses, trojans, scanners, etc). Good way to find is someone is being naughty. For example, one time I was conducting an assessment of a organization in Asia. Thirty minutes prior to a presentation I was to give to the board of directors, my laptop was attacked, as an attacker was scanning the company's network. The honeypot software was attacked, and recorded the entire session. This was great evidence to give to the board of directors, as it validated to them why I was conducting the assessment. I had proof that the bad guys were hitting their network, and the attackers were not friendly. At the time I was using BOF by NFR, but this is no longer available. One commercial honeypot solution that may work for you laptop is Specter (www.specter.com). lance
This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 13:27:50 PDT