Accepted thp 0.4.6-1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Format: 1.7
Date: Wed, 17 Sep 2003 08:43:34 +0200
Source: thp
Binary: tinyhoneypot
Architecture: source i386
Version: 0.4.6-1
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Changed-By: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Description:
tinyhoneypot - Small honeypot to trap attackers.
Changes:
thp (0.4.6-1) unstable; urgency=low
.
* Initial Release.
* Modified thp.conf so that it is easier to add new service banners and
so that _all_ banners are chosen randomly.
* Greeting program in thp.conf is /bin/false in order to avoid calling
fortunes (will add it to Suggests: in the future)
* Provide a sample inetd.conf but will not add the honeypot directly
into the system (yet)
* Logthis has been renamed to 'thpot' since the name is too generic
* Added a manpage for thpot
* Improvements:
- SMTP banner is not hardcoded (derived from 'simple honeypot')
- Added SSH function (very simple one, but could be used to trap
0-days)
- Ftp, SSH and SMTP banners are not hardcoded but are changed
randomly in configuration.
- Sanity check in getip just in case intf is not properly defined.
- Added ls output to shell (taken from 'simple honeypot' with some
changes to avoid sending errors)
- Added errorfile to debug problems within the scripts (and avoid
ouputting them to the attacker)
- Added sanity checking in http responses (in case the user has not
defined a proper directory with them)
- Sanity checks on greeting programs (should probably check wether
the first argument is executable)
- Included the analyzer perl script from simple honeypot into the
examples directory.
- lib/httpd modified to use a predefined version of server in case
it is not defined (the user screwed up the config)
- lib/httpd modified to setup a valid version just in case the
remote attacker does not send a valid HTTP header for some reason
- added lib/pop3 (from 'simple honeypot')
- fixed bug in lib/smtp.pl (smtp -> smtphash)
- subsituted the code for lib/smtp.pl with the code from 'simple honeypot'
- removed the exit 0 from lib/http.pl or otherwise the CATALOG will
not be closed (and logs will not be created for the end of a
http connection)
Files:
ed4c3173da5dec9221c07e4beb58f43e 677 admin extra thp_0.4.6-1.dsc
227ef8a3cedb49a1c634298f71a5832b 27999 admin extra thp_0.4.6.orig.tar.gz
74a41c410358fdb92a4db2bf38abb42d 13398 admin extra thp_0.4.6-1.diff.gz
307694369a9224610bb2be318089431f 42110 admin extra tinyhoneypot_0.4.6-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBP2yphftEPvakNq0lAQERPgP+Pc8Idvnd3KgUHSF89t0FzKDM1GnAhkMu
YCRPm2EzNC5uZJoiPtV0Udex5dNyW55yiuZt0hc6ra/YWfxCtyuYJL4jiYx5+on7
0wOV9SKGJ8tsb0yQ0SZzD7OIyShVKN4I2VejvC6MSdiz2jmJxHOOmI/DdlD9Enok
LijyTEimheY=
=6hq1
-----END PGP SIGNATURE-----
Accepted:
thp_0.4.6-1.diff.gz
to pool/main/t/thp/thp_0.4.6-1.diff.gz
thp_0.4.6-1.dsc
to pool/main/t/thp/thp_0.4.6-1.dsc
thp_0.4.6.orig.tar.gz
to pool/main/t/thp/thp_0.4.6.orig.tar.gz
tinyhoneypot_0.4.6-1_i386.deb
to pool/main/t/thp/tinyhoneypot_0.4.6-1_i386.deb
Reply to: