August 9, 2011 at 1:17 am #6677
Has anyone tried this and would it be against their TOS? I would think it would be a grey area. I would setup one of these outside of my home network rather than in it. I don’t have the ability to segment in the home network… yet… but figure this might be the best solution if it is doable.
Any thoughts or suggestions?
August 9, 2011 at 1:29 am #41499
August 9, 2011 at 2:31 am #41500
Thanks cd1zz, I will see what they say. No sense putting energy into it if they will just take it down or tell me to kill it.
August 9, 2011 at 3:19 pm #41501
Follow-up, yep definitely against the TOS. Ok plan B I guess capture the neighbor’s wifi and… nevermind. j/k. Guess I may have to ramp up some networking at the house and segment. I could just go shields up on everything but really don’t want to risk it. I already have some entertainment devices that don’t seem all that secure and I would like to segment them off anyway. Time to look for a new switch and possibly a router.
August 31, 2011 at 7:28 pm #41502dynamikParticipant
Have you looked at a VPS (i.e. arpnetworks.com)?
I’m not sure if they’d allow it, but it’s worth asking (and costs as low as $10/mo).
September 1, 2011 at 1:16 pm #41503
I’ll take a look at them. Though at this time I decided to put the extensive malware analysis on hold a bit. I will work with what I get in the wild. I am refocusing more on my python skills since the two main goals I have now require me to be a bit stronger with the scripting.
Overalll it will lead back to malware analysis and maybe even open the doors to some reverse engineering in the future. Man wish I went CS sometimes. MIS seems to have been a hinderance since a majority of the skills taught in that major 10+ years ago were not so useful then and even less useful now. Got a little jealous when I looked at the CS curriculum at my old university.
November 9, 2011 at 11:10 am #41504ethicalhack3rParticipant
I was thinking the exact same thing and Google led me here. 🙂
Even though it is against their TOS, how would they know you were hosting a honeypot?
I’ve never used Amazon EC2 before so I’m not sure how it works.
I guess they do some monitoring on the boxes traffic for malicious activity? Even if they did, with the amount of boxes they are hosting, would they have the time to take any action?
(just thinking out loud and sorry to resurrect an old thread)
I was thinking about using something like this;
TurnkeyLinux Hub doesn’t allow you to use the free 1 year micro server offered by Amazon and their registration process is ridiculous.
November 9, 2011 at 2:05 pm #41505
I was thinking about that (running it anyway). I suppose if you are running something like a web server then how would they know you are deliberately running a honeypot behind it? Their free EC2 instance for linux is a bit hoaky though so navigating it to install apps and hunting down the appropriate log files is a bit more convoluted than what I am used to. At this time I’ve put a hold on the little project until I can get some other items done.
November 10, 2011 at 9:44 am #41506AnonymousParticipant
cool idea however I would not do it epically as you have contacted them and they have told you its against there TOS.
November 10, 2011 at 2:41 pm #41507
True Jamie, I can’t play dumb now since I did contact them. No biggy, I have other things filling my time at the moment.
November 10, 2011 at 10:43 pm #41508ethicalhack3rParticipant
I set-up a web server over the weekend.
You can choose an official Ubuntu machine, type in the official Ubuntu user ID when doing a search for machines.
The web server is just Apache with a htaccess file that contains modrewrite rules to reply with 200 responses instead of 404s.
I’m just going to monitor the access logs from now and then. It might yield somethign interesting, it may not, hasn’t cost anything. 🙂
- You must be logged in to reply to this topic.