[转载]Detecting Botnets Using a Low Interaction Honeypot
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version.
页:
[1]