HoneyBOT – Windows Medium Interaction Honeypot

Honeypot creates a safe environment to capture and interact with unsolicited and often malicious traffic on a network. HoneyBOT is an easy to use solution ideal for network security research or as part of an early warning IDS.

The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. The captured information is highly valuable as it contains only malicious traffic with little to no false positives.

HoneyBOT - Windows Medium Interaction Honeypot
HoneyBOT – Windows Medium Interaction Honeypot

Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.

HoneyBOT works by opening a range of listening sockets on your computer which are designed to mimic vulnerable services. When an attacker connects to these services they are fooled into thinking they are attacking a real server.

The honeypot safely captures all communications with the attacker and logs these results for future analysis. Should an attacker attempt an exploit or upload a rootkit or trojan to the server the honeypot environment can safely store these files on your computer for malware collection and analysis purposes.

Honeybot Top Ports
Honeybot Top Ports connetions

HoneyBOT will simulate echo, ftp, telnet, smtp, http, pop3, ident, dcom, socks and radmin as well as a range of mischievous protocols such as devil, mydoom, lithium, blaster, dabber, sasser, netbus, kuang, sub7 and more.

You can read more and download this tool over here: http://www.atomicsoftwaresolutions.com/

Notify of
Inline Feedbacks
View all comments