• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Incident Analysis of a Compromised RedHat Linux 6.2 Honeypot

Added by Papergrl

Description: My previous three honeypots had all been RedHat 6.2 default server installs and had all been hacked using exploits in rpc.statd or wuftpd. RedHat 6.2 seems to be a reasonable representation of the operating systems that exist out on the internet at the moment, although 6.2 is pretty dated there are still a lot of copies floating around as I found out when I asked a colleague for a copy of RedHat. This is going to be my last Redhat 6.2 honeypot after this I will move onto pastures new, perhaps a Windows machine or a later version of Redhat.