i want to know how can i create honey pots .. are there any howtos for it ? + i even want to know how i doo full monitorying of my linux system .. i want to logss everything key stroke whether type over the network by using telnet .. or type through the attached keyboard .. inclue tty/pts/etc etc .. which is the best sniffer around . plzz mind you .. i need to put these things up urgently as one of my linux machien has got hacked .. and i want to catch the intruder instead of doing a clean install .. am running redhat 6.2 with all the vulnerable services of the world open . wutp . bind , telnet etc ect

Originally posted by blackboy i need to put these things up urgently as one of my linux machien has got hacked .. and i want to catch the intruder instead of doing a clean install .. am running redhat 6.2 with all the vulnerable services of the world open . wutp . bind , telnet etc ect

Don't you think this is a bit childish? Why not just spend your time learning how to secure your box properly?

and when you catch them? what then, trap them in a jar, keep them in a cage?

i would talk to them, ask them how they got in, when I had someone invade my system, they emailed out system logs to people. What did I do? I emailed each person regarding what happened, finally found who did it and spoke to him. Turns out he had a script that would scan, exploit and then mail out thhow he did it and what I needed to do.. I have yet to have someone break into my box.. that I have been aware of at least..

Actually a honeynet is a good way to understand how security works. Knowing how to break into something teaches you how to defend against it. If you're interested in honeynets, check out http://www.honeynet.org

Ok setting up a honeypot is a little overboard, cheeky_zombie had it right, just take the time and learn linux and overall security. I setup a honeypot on my windoze machine which wasn't hard but its time consuming and it takes a lot of hard work to make sure that logs and the such stay untainted. Honeypots only work well when you have more than 4 computers, routers, switchs and the such. Also the point of a honeypot is to distract the cracker away from the important stuff or to learn what is being used to hack the computers. Just remember to check for upgrades on ALL programs you would be surprise the most unsuspecting programs can give an intruder the upper hand.
Here are a few good sites on security:
www.cotse.com
www.securitywriters.org
www.cert.org

Have phun.