Network Security Library
Javascript Feeds    RSS Feed    Security Dashboard    SearchSecurity.com
About | Contact | Advertise | Site Map
intrusion detection E-mail      Save Save This

Incident Analysis of a Compromised RedHat Linux 6.2 Honeypot


{LANG_NAVORIGIN} Intrusion Detection Honeypots
By: Stephen Holcroft, 04/22/2004



My previous three honeypots had all been RedHat 6.2 default server installs and had all been hacked using exploits in rpc.statd or wuftpd. RedHat 6.2 seems to be a reasonable representation of the operating systems that exist out on the internet at the moment, although 6.2 is pretty dated there are still a lot of copies floating around as I found out when I asked a colleague for a copy of RedHat. This is going to be my last Redhat 6.2 honeypot after this I will move onto pastures new, perhaps a Windows machine or a later version of Redhat.

Read Entire Paper















E-Mail Link

Your IP address will be sent with this e-mail
From e-mail to e-mail



Stats
210 Views
5/5 Rating
1 Votes
Papers
Newest
Highest Rated
Most Viewed
Reference

Services
Javascript Feeds
RSS (New Papers)
Security Dashboard

Our Stuff
About SecurityDocs
Advertise
Contact

Valid HTML 4.01!
Valid CSS!


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget

Privacy : Contact