
Thread: Can this be done? - Idea for a Honeypot

  1. #1
    Member
    Join Date
    Mar 2010
    Posts
    123

    Hiya

    Well, I have been thinking that as I had 2 routers to extend the range of my wireless it was a major security risk as the client is always connected [ cheers for highlighting this -=Xploitz=- ]

    So I have invested in a cheap TP-Link yagi aerial [£12.99 from bigpockets.co.uk]

    and I have got much better coverage from just the one router.

    This now means I have a surplus router.

    Is it possible to create a honeypot [ I think I'm using the right term here ] which has exactly the same SSID as my network - make it unsecured and then just cloak my ESSID of the network.

    I have a really old laptop which can run Win2000 and that's it [it has 32MB RAM - that's how old it is] and I was wondering if I could create a webserver on it and have a webpage with the words "Your MAC Address has been logged - Thanks for trying to steal my internet - Authorities have been emailed your PC - Hardware Details"

    Just to put the $hits up whoever logs on to it.

    I ask because whenever I try something it goes wrong so I thought I best ask if you guys think it's do-able

    - btw I don't actually want to record any data - or email the authorities - just shake 'em up

  2. #2
    Member
    Join Date
    Aug 2007
    Posts
    231

    Well, what would happen if you "snag" someone who panics that his illegal activities have been discovered, then decides to break into your home, kill you and your family, then proceed to destroy all the equipment with the "log".

  3. #3
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Better yet, instead of setting up a honeypot, just go bust a cap in anyone nearby, that way they can't get on your wireless routers. This includes anyone driving past your house.

    I wouldn't recommend doing that as it was a joke. If someone is on my wifi, I just ettercap their ass. You could do upside-down-ternet, which is kinda hard (IMO and skillset). Thorin posted something that had to do with that, but with application downloads. They try and download something, but you push out something else.

    That would be awesome.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  4. #4
    Member
    Join Date
    Mar 2010
    Posts
    123

    That sounds like a much funnier solution.

    Guess I'm gonna have to hunt down upside down net.

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Quote: Originally Posted by mummysboy
    That sounds like a much funnier solution.

    Guess I'm gonna have to hunt down upside down net.

    Why not just use everything's gone goatse.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Quote: Originally Posted by streaker69
    Why not just use everything's gone gotse
    Wrong on so many levels.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  7. #7
    Member
    Join Date
    Mar 2010
    Posts
    123

    OK - I'm exceptionally new to this - and that link is fooked up - like really really foocked up. I'm going to drink meths in the vain hope to wipe it from my memory.

    http://www.ex-parrot.com/~pete/upside-down-ternet.html was the link thorin mentioned but omg I got lost in the first 1/2 of the tutorial. I guess I'm gonna have to try and figure it out.

    I presume that I would need to redirect all traffic to that horrific site except for an 'allowed' list. And can I ask how I would go about this?

    Do I need to grab specific software? Or can it be scripted?

    Like I said, I'm new to this but I like the idea of directing people to one site only.

  8. #8
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Quote: Originally Posted by mummysboy
    OK - I'm exceptionally new to this - and that link is fooked up - like really really ****ed up. I'm going to drink meths in the vain hope to wipe it from my memory.

    http://www.ex-parrot.com/~pete/upside-down-ternet.html was the link thorin mentioned but omg I got lost in the first 1/2 of the tutorial. I guess I'm gonna have to try and figure it out.

    I presume that I would need to redirect all traffic to that horrific site except for an 'allowed' list. And can I ask how I would go about this?

    Do I need to grab specific software? Or can it be scripted?

    Like I said, I'm new to this but I like the idea of directing people to one site only.

    Don't even ask. It's not easy to do (for me anyway).

    Best thing to do is set up a SMOOTHWALL box (look it up). It can act as a proxy cache server transparently with squid. All you would need to do from there is install the apps (mogrify) and then chop up the network into trusted and untrusted, and then run the scripts. It's been mentioned on here before and I don't know anyone that has had success doing it other than that site. (I KNOW it can be done, but the knowledge I have doesn't come close to experimenting with all of that.)

    Smoothwall would be your best bet (or IPCop or another Linux distro that provided the transparent proxy service). Smoothwall is nice because squid is so easy to configure. On other distros it was such a headache. I tried getting squid to run on BT. I got it to work, but not transparently. It would work if you told the browsers on other machines to point to the proxy's address. I found out later it was a bug in squid and that you had to add a few special lines to make it work. Not in the newer version.

    I run Smoothwall at home. It's nice. Shows what each IP on your network has accessed via HTTP. Logs all IM conversations (MSN, Yahoo, AOL, IRC, ICQ), built-in firewall, DansGuardian (so ya can't browse the pr0n), ClamAV, and a slew of other stuff. Plus everything is transparent. You don't have to configure any browsers. That's how I caught all the RST packets from a specific IP. Upon whois'ing the IP, I found it was C0mCast! Killing all my torrents. Nice!
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
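
Added example, not part of the thread or of Smoothwall: one way to get the "what each IP has accessed via HTTP" view described in the post above, restricted to clients outside a trusted segment, by reading Squid's native `access.log`. The trusted subnet, the function names and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: the owner's trusted segment; every other client is untrusted.
TRUSTED_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client action/code bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1291200001.120    85 192.168.1.10 TCP_MISS/200 5120 GET http://example.org/index.html - DIRECT/203.0.113.5 text/html
1291200002.400    40 192.168.2.23 TCP_MISS/200 20480 GET http://example.com/a.jpg - DIRECT/203.0.113.9 image/jpeg
1291200003.010    12 192.168.2.23 TCP_HIT/200 20480 GET http://example.com/a.jpg - NONE/- image/jpeg
1291200004.900   300 192.168.2.40 TCP_MISS/200 900 CONNECT mail.example.net:443 - DIRECT/203.0.113.20 -
this line is truncated
"""

def parse_line(line):
    """Return (client_ip, method, host, bytes), or None for a malformed line."""
    fields = line.split()
    if len(fields) < 7:
        return None
    try:
        client = ipaddress.ip_address(fields[2])
        size = int(fields[4])
    except ValueError:
        return None
    method, url = fields[5], fields[6]
    # CONNECT requests are logged as "host:port" rather than a full URL.
    host = url.rsplit(":", 1)[0] if method == "CONNECT" else urlsplit(url).hostname
    return client, method, host, size

def untrusted_activity(log_text, trusted=TRUSTED_NET):
    """Map each untrusted client IP to {host: total bytes transferred}."""
    report = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip truncated or corrupt entries instead of crashing
        client, _method, host, size = parsed
        if client not in trusted:
            report[str(client)][host or "?"] += size
    return {ip: dict(hosts) for ip, hosts in report.items()}

if __name__ == "__main__":
    for ip, hosts in untrusted_activity(SAMPLE_LOG).items():
        print(ip, hosts)
```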

  9. #9
    Member
    Join Date
    Mar 2010
    Posts
    123

    Hmm - I think the laptop I was planning to use may not be up to the task lol.

    Thank you very much for the pointer - I won't be able to get a new box till the new year - so looks like I won't be able to try till Jan/Feb.

  10. #10
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    C'mon guys...if you wanna mention goatse fine..but don't hyperlink to that crap from here please. That kinda follows under the infraction for

    Any religious, political or pornographic references will not be tolerated.


    Verbal warning to all.
