[Labrea-users] Labrea & snort == Billy Goat ?
Status: Abandoned
Brought to you by:
lorgor
Menu
▾
▴
[Labrea-users] Labrea & snort == Billy Goat ?
|
From: Mokum v. A. <war...@gm...> - 2004-10-22 14:27:16
|
Greetings, I am new to this list but found no mention of this question in the archives so I'll try here. You might have heard of the research project by IBM called Billy Goat [1]. It basically has the same functionality as Labrea [answering unaswered connection requests] with the distinction that it does some analysis of the connection made [ala snort]. It is not a honey pot since you can't 'use it' as there are no actual services on it, nor am I personally interested in the data a honey pot dellivers [and the risks associated with it]. The great thing about the concept as explained in the article is that it does some analysis of the connection and based on this makes reports. It sounds like labrea [tarpit] with snort [ids] on top of it. This can not be new, and I am sure some of you can point me my errors of thinking or in the direction of actual implementations of such a beast? Regards, mokum [1] http://www.informationweek.com/story/showArticle.jhtml?articleID=14200013 & http://www-5.ibm.com/ch/mediaflash/archiv/3Fragen10_2003.html |
