Re: [PLUG] Linux SMTP honeypots?

Mike Sheinberg on 24 Mar 2010 05:51:18 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux SMTP honeypots?

From: Mike Sheinberg <m.sheiny@gmail.com>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Linux SMTP honeypots?

Date: Wed, 24 Mar 2010 08:51:11 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

Well scratch that. If anyone is interested, just ran across a couple of promising ones that I'll look into (none of which seem like SMTP honeypots but they fulfill the malware collection aspect):

-mwcollectd

-honeybow, and
-nerpenthes

On Wed, Mar 24, 2010 at 8:40 AM, Mike Sheinberg <m.sheiny@gmail.com> wrote:

Anyone have any suggestions for Linux-based SMTP honeypots? Specifically, I am trying to capture malicious attachments for analysis so I'm looking for something that does more than just slow down spammers (like a tarpit). I'm running into a lot of honeypot projects that simply stall attackers and mimic infected machines but having difficulty finding ones which save files that they try to send. Anyways, let me know if anyone has any good tips on where to start.

Thanks!
Mike

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Linux SMTP honeypots?
From: "Sean M. Collins" <sean@seanmcollins.com>

References:

[PLUG] Linux SMTP honeypots?
From: Mike Sheinberg <m.sheiny@gmail.com>

Prev by Date: [PLUG] Linux SMTP honeypots?

Next by Date: Re: [PLUG] Linux SMTP honeypots?

Previous by thread: [PLUG] Linux SMTP honeypots?

Next by thread: Re: [PLUG] Linux SMTP honeypots?

Index(es):

Date

Thread