Resending to the list.

Anyone game to try this out???

The honeypot sensor configs are on the OWASP CRS /util directory - https://github.com/SpiderLabs/owasp-modsecurity-crs/tree/master/util/honeypot_sensor

-Ryan

From: Ryan Barnett <rbarnett@trustwave.com>
Date: Monday, December 17, 2012 4:32 PM
To: "mod-security-users@lists.sourceforge.net" <mod-security-users@lists.sourceforge.net>, "owasp-modsecurity-core-rule-set@lists.owasp.org" <owasp-modsecurity-core-rule-set@lists.owasp.org>
Subject: Setting HoneyTraps with ModSecurity: Unused Web Ports


I am hoping that you find it useful and that some folks will consider setting this up and sending logs to our WASC Distributed Web Honeypots central logging server.

--
Ryan Barnett
Trustwave SpiderLabs
ModSecurity Project Leader
OWASP ModSecurity CRS Project Leader



This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.