Hi,
I have been after a free HoneyPot for Windows, that has a GUI and can help catch malware (Melih knows I have been after one) the honeypots I have looked at have either not been free or have been too much of a hassle to set them up (partitioning the drive and things like that) anyways I know if proble won't happen but I would like a HoneyPot.
Thanks,
Justin
Hey Justin,
The simplest way to make a honeypot for free is to have a PC with two hard drives (call them A and B). Set Windows up on each drive, separately, of course. Disconnect drive B (this will be our "real" Windows install and will have the same IP range as your LAN and have all security software running) and leave drive A attached as bootable, but without any security software running. Make certain that the IP address is in a different range to the rest of your LAN. Install the web server component and allows this PCs IP out to the internet - I assure you, someone will notice the server pretty damn quickly! Surf to all the suspect sites you can find, to make certain the PC is compromised.
When you are done, or just want to have a look, power down, connect drive B as the bootable drive and make drive A secondary. Boot Windows and have a look at your second drive.
PLEASE NOTE - THIS IS NOT FOOLPROOF! THIS IS NOT FOR THE FAINT OF HEART! THIS IS NOT AN IRON CLAD, SEGREGATED, DMZ'd HONEYPOT! YOU ARE INVITING BAD GUYS INTO YOUR HOUSE AND BAD GUYS CAN DO BAD THINGS!
Hope this helps,
Ewen :-)
(WCF3) (WCF3) (WCF3)
Author