Another question... How do you do monitoring of honeypot activity? Read logs, play sessions, etc?
I have a script that emails me on every successful login with ip an password used so I know seconds after it happens. That's my first line in fact, then I review logs and ttylogs, look at DLs, etc
Also what do you do if you go away - say for holiday, and don't have a person to look after honeypot? Leave it to collect data and maintain 'status quo' or turn off and not take the risk?
Just curious what do you do ;)
--
Tomasz Miklas
--
You received this message because you are subscribed to the Google Groups "kippo users" group.
To post to this group, send email to kippo...@googlegroups.com.
To unsubscribe from this group, send email to kippousers+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/kippousers?hl=en.
Dennis Lemckert
http://www.dlemckert.nl
Twitter: dlemckert
--
Only two things are Infinite: the Universe and human stupidity.
And I'm not sure Aboutaleb the Universe.
- Albert Einstein -
Lifestyle should NOT be a journey to the Grave with the intention of
arriving safely and in an attractive and well preserved body, but
rather to skid in sideways - Chardonnay in one hand - chocolate in the
other - body thorougly used up, totally worm out and screaming 'WOO
HOO, what a ride!'
- somewhere from the 'net -
PGP Key: 0xF66585F60DDEC3B6
http://pgp.surfnet.nl:11371/pks/lookup?op=index&search=0xF66585F60DDEC3B6