| ||||||||||||
| |||||
There is at least one other Windows-based honeypot and many Unix-based honeypots that you may want to review. The other Windows honeypot is Honey-Potter (http://honeypott4.tripod.com). It was written by Moran Zavdi (moraniam@hotmail.com) as a honeypot for Windows 2000. During the installation, you can choose between simulating a Windows 2000 computer or a Solaris box. You can simulate FTP, POP3, SMTP (Exchange or Sendmail), and HTTP (port listener only) services. This honeypot supports only one connection at a time and logs events to a text file. It’s very limited and not widely tested or well known.
Note | I also reviewed a honeypot appliance, but it did not compare favorably against the current software offerings. |
The Tracking Hacker’s web site (http://www.tracking-hackers.com/solutions) and Honeypots.net (http://www.honeypots.net/honeypots/products) have extremely comprehensive lists of honeypots, both commercial and free. Many of the honeypots are not Windows solutions, but these sites are the best place to check to see if any new honeypot solutions have been released.
| |||||