Ok I know I haven’t been posting much lately about packets I have captured but it not like I have built a fan base yet. I have succeeded in one of my goals however, using honeytrap to capture packets for the security community. Recently port 20000 was reported as on the rise by Dshield and SANS had a call for packets. Being that honeytrap is listening on all ports all of the time I was able to filter all my pcap data for that port and submit full packet captures from established sessions. I know it’s not much, but it is a step in the direction I was hoping to take with this project. Hopefully I can continue to keep on top of the SANS postings and keep submitting packets.
No comments:
Post a Comment