Nepenthes - Low Interaction Honeypot
Nepenthes is a low interaction honeypot like honeyd or mwcollect. Low interaction honeypots emulate _known_ vulnerabilities to collect information about potential attacks. Nepenthes is designed to emulate the vulnerabilities worms use to spread, and to capture these worms. As there are many possible ways for worms to spread, Nepenthes is modular.
Nepenthes vulnerability modules require knowledge about the weakness they emulate, so that one can draft a Dialogue describing how the virus will exploit the weakness, extract the information needed to download the file, and send the attacker just enough information that he does not notice he is being fooled.
On the other hand, Nepenthes is quite useful for capturing new exploits for old vulnerabilities. As Nepenthes does not know these exploits, they will appear in the logfiles. By running these captures against a real vulnerable machine, one can gain new information about the exploit and start writing a Nepenthes Dialogue.
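The Dialogue idea described above, sketched as an added example that is not Nepenthes code: a small state machine answers a client with canned replies, records the download location it is handed, and logs any input it does not recognise for later analysis. The toy protocol, the class and function names and the sample messages are all constructed for illustration.

```python
import hashlib
import re

# Constructed toy protocol; not a real service and not a real Nepenthes module.
HELLO_REQ = b"HELLO toysvc/1.0\r\n"
HELLO_REPLY = b"200 toysvc ready\r\n"
URL_RE = re.compile(rb"(?:tftp|ftp|http)://[\x21-\x7e]+")


class ToyDialogue:
    """One emulated conversation with a connecting client (hypothetical)."""

    def __init__(self):
        self.state = "await_hello"
        self.download_urls = []  # what a download handler would fetch
        self.unknown = []        # (sha256 hex, raw bytes) kept for analysis

    def incoming(self, data: bytes) -> bytes:
        """Consume one client message and return the bytes to send back."""
        if self.state == "await_hello" and data == HELLO_REQ:
            # Known first step: answer like the emulated service would.
            self.state = "await_payload"
            return HELLO_REPLY
        if self.state == "await_payload":
            match = URL_RE.search(data)
            if match:
                # The only thing the honeypot needs from this step.
                self.download_urls.append(match.group(0).decode("ascii"))
                self.state = "done"
                return b"250 ok\r\n"
        # Unrecognised input: log it with a hash and send nothing back.
        self.unknown.append((hashlib.sha256(data).hexdigest(), data))
        self.state = "done"
        return b""


def run_session(messages):
    """Feed a list of client messages through a fresh dialogue."""
    dialogue = ToyDialogue()
    replies = [dialogue.incoming(m) for m in messages]
    return dialogue, replies


if __name__ == "__main__":
    # Constructed sample sessions (192.0.2.0/24 is a documentation range).
    known = [HELLO_REQ, b"RUN fetch tftp://192.0.2.10/sample.bin\r\n"]
    for session in (known, [b"\x00\x01unexpected-probe"]):
        d, out = run_session(session)
        print(d.state, d.download_urls, [h for h, _ in d.unknown], out)
```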