[deception toolkit http://www.all.net/dtk/]
I like the idea of this thing but what happens if there's a bug in
those scripts that fakes the vulnerabillities? Then couldn't it
just be vulnerable too?
If you want your firewall to remain safe forward the deceptive ports
to a dedicated deception
You are correct. There is always a possibility of bugs. I normally always log
to a different machine so I have a record of activity that cannot be
erased. My
logging server will not allow a telnet or other network connecting, other than
syslog.
I normally connect from a hardwired serial
Is there any point in running this on a firewalled box. I have use
pmfirewall to configure IPCHAINS and almost all the ports are closed.
Chris Mason
Box 340, The Valley, Anguilla, British West Indies
Tel: 264 497 5670 Fax: 264 497 8463
USA Fax (561) 382-7771
Take a virtual tour of the island
Hi All,
my $.02 :-)
I have not gone completely through the site to review it, but based on its
stated purpose, it has great merit. TO answer your question, yes there
is a point to running it on a firewalled box. Information is key. As a
sysadmin
you always want to be one step ahead of an
4 matches
Mail list logo