[nflug] meeting possibilities

Brad Bartram brad.bartram at gmail.com
Wed Feb 14 14:50:48 EST 2007 

For a real basic demo - (1 system to show things working) - all I'd
need would be a system that runs linux with two or three nics.  The
distro isn't important as I'd be doing a custom install onsite to show
the process.  Since it wouldn't be live and collecting data, the
harddrive could be almost any size over 10 - 20gb.

To do a full honeynet setup, I'd need a basic linux system - could be
anything.  The second system would need to be like the one I described
above.  I could use my laptop as the thrid monitoring system - or even
use an available windows system.

The only critical system is that one with the three nics.  Everything
else can be found or made to fill a purpose.

The other thing I would need would be a hub or switch - I have one I
can bring - so if anyone else has one - that would be great.

Just to remind everyone - I'm putting it out now, but I can't do it
this month.  Just so noone gets excited for this saturday  ;-)

brad

On 2/14/07, Cyber Source <peter at thecybersource.com> wrote:
> Brad Bartram wrote:
> > I could handle this in a few different ways...
> >
> > First, I could give a pure presentation on how things work and how
> > things get setup.  That's not too big of a deal in terms of logistics.
> >
> > Second, I could give a practical demonstration and actually set up a
> > Generation III honeynet.  The caveats to this would be that I would
> > need three computers (two in a pinch), one with three network cards,
> > and two hubs / switches.  That would give a fully self contained
> > honeynet with a monitoring station completely seperate from the rest
> > of the building's network.  The other caveat is that it may be a
> > little time consuming in terms of getting things setup and working on
> > the fly.
> >
> > The third option is to combine the first two approaches - a little
> > theory and setup a standalone system.
> >
> > I'm good with any of the approaches - I'll let those who are
> > interested decide.
> >
> > Brad
> >
> > On 2/14/07, Cyber Source <peter at thecybersource.com> wrote:
> >> Brad Bartram wrote:
> >> > I don't know if anyone would be interested, but I figured I would
> >> > throw it out.
> >> >
> >> > I'm currently doing some projects working with honeypots, and
> >> > honeynets.  I would be more than happy to do a presentation on the
> >> > overview and concepts.  The only caveat would be that I can't do it
> >> > for this month's meeting.  It would have to be for the following month
> >> > or the one after.
> >> >
> >> > Let me know if it's something y'all would be interested in seeing.
> >> > It's definitely a novel use of linux.
> >> >
> >> > Brad
> >> >
> >> > On 2/13/07, Mark Musone <mmusone at shatterit.com> wrote:
> >> >>
> >> >> Another actual presentation could be talking about the linux boot
> >> >> process.
> >> >>
> >> >> I've found that it's very helpful to really understand the boot
> >> process,
> >> >> what happens, why, what initrd is, the boot loaders, init, standard
> >> >> linux
> >> >> processes, root disks, (x)inetd, running programs at boot
> >> time...etc..
> >> >>
> >> >> That might be better than the migration one...
> >> >>
> >> >>
> >> >> Mark
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> nflug mailing list
> >> >> nflug at nflug.org
> >> >> http://www.nflug.org/mailman/listinfo/nflug
> >> >>
> >> > _______________________________________________
> >> > nflug mailing list
> >> > nflug at nflug.org
> >> > http://www.nflug.org/mailman/listinfo/nflug
> >> >
> >> You say when and I'll be there with bells on! Is this something that you
> >> would actually try to implement? Would ITT allow such a thing Richard?
> >> _______________________________________________
> >> nflug mailing list
> >> nflug at nflug.org
> >> http://www.nflug.org/mailman/listinfo/nflug
> >>
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
> >
> I may have a relic around I could throw together to kinda get ready,
> what exactly would you need as far as OS (Linux flavor) and hardware?
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list