Project Introduction:
Are HoneyPots more useful, the IDS?;
First of all, that s what
Honeypot IDS
regards the answer to the question, saying that according to my way of looking at the IDS, is a potential to add to the firewall, is a complement, passive-active, since there are some ids to simply report and others add exclusion rules to the firewall. The low
Honeys iteration (only allow the attacker to reach a certain network structure and not the OS) is a reactive approach in which decisions are made and all attacks is historicized avoiding default heuristic of IDS, which give false positives and several hundred mbs Logean in logs.
And that is this project?
has to do upon seeing the actual capacity of this plan civil guard and national police called Contigo Plan, which is to teach ordinary people to steal the neighbors' wireless networks, (a practice increasingly in use) has its risks, and from this blog support this plan completely state forces, and more will try to demonstrate in a controlled lab environment with a didactic purpose only, which is quite true that networked "We believe safe" can be completely audited , and is more so with some knowledge let's call "advanced" we fall into a honeypot and be what we call the haunting haunted, hunted or the hunter.
now explain the theory that we develop or modifies as I come across or unforeseen problems always exist in a project that is unknown potential. Guidelines
project, theoretical and practical:
really want to ride a DMZ (demilitarized zone) on my wifi network, and although some already smell the result, the project is to create an unsafe area with unsecured wifi access , and challenge the insecurity these networks offer a quick way, because if it is true that someone could let me petase the default wep, it is easier to access without key.
In this new network on my network DMZ, there will be a honeypot virtualized virtualbox in ubuntu, with possibly a honeynet (hopefully a few logs of attacks the truth honeys ...) and also a sniffer to MITM attacks exposing all http resources, and sessions with email passwords, bank, other sensitive information that can be shared by unknown and juankers believe us ... (That someone for having a wifi petado third party tools without knowing how they work even begin to think they are the wizards of IT)
Besides leaving this game juankers proactive work, will put a proxy type sidejacking cain making a catch, this is simulating a user's session and we'll see how to make us back a signed cain true for the user, you may need to use tools Ferret & Hamster. As all this
is quite complicated to set up and my knowledge of linux is zero, I hope to leave it as open project and go cleaning the project until it understandable, yet are just smudges ...
0 comments:
Post a Comment