Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Link to Us
Linux Jobs

More on LinuxToday

Infosec Writers: Detecting Botnets Using a Low Interaction Honeypot

Mar 28, 2006, 12:15 (0 Talkback[s])
(Other stories by Jamie Riden)

"This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version..."

Complete Story

Download xpdf

Related Stories: