Nepenthes

Nepenthes is a low interaction honeypot like honeyd or mwcollect.
Low Interaction Honeypots emulate _known_ vulnerabilities to collect
information about potential attacks. Nepenthes is designed to emulate
vulnerabilties worms use to spread, and to capture these worms. As
there are many possible ways for worms to spread, Nepenthes is modular.
There are module interface to

  • resolve dns asynchronous
  • emulate vulnerabilities
  • download files
  • submit the downloaded files
  • trigger events (sounds abstract and it is abstract but is still quite useful)
  • shellcode handler

Click here for the project homeFound on Bruce Schneier blog.

Advertisements

Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek. http://linkedin.com/in/xavierashe

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s