Comments on: Sinkholes in Network security: 5 easy steps to deploy a darknet http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/ College Student Portal Fri, 19 Mar 2010 15:37:06 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: john http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-78824 john Tue, 09 Mar 2010 15:18:45 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-78824 My provider is saying the same thing. Scans show nothing even in safe mode. does anyone have info on this?? My provider is saying the same thing. Scans show nothing even in safe mode. does anyone have info on this??

]]> By: Cynthia http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-49131 Cynthia Tue, 12 Feb 2008 01:49:50 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-49131 Somehow I was put into a darknet without my permission. My internet provider says it is a trojan and is threatening to cancel my internet if it isn't gone within 48 hrs but my virus detector isn't picking anything up and neither is my firewall. How can someone do this without permission and how can I get out of it???? Somehow I was put into a darknet without my permission. My internet provider says it is a trojan and is threatening to cancel my internet if it isn’t gone within 48 hrs but my virus detector isn’t picking anything up and neither is my firewall. How can someone do this without permission and how can I get out of it????

]]> By: paul http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-3242 paul Sat, 10 Feb 2007 19:41:26 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-3242 I am currently building a Darknet. We are at the stage of deploying a "Sinkhole". I want to know how to implement or "fake" some services using the Sinkhole techique? We need to emulate services such as WWW/FTP. Any of you guys know how to do this? Thanks Paul I am currently building a Darknet. We are at the stage of deploying a “Sinkhole”.

I want to know how to implement or “fake” some services using the Sinkhole techique?

We need to emulate services such as WWW/FTP.

Any of you guys know how to do this?

Thanks

Paul

]]> By: Cody http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-12 Cody Tue, 24 Oct 2006 21:10:10 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-12 Excellent pdf here on the darknet and the future of content distribution, article by Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman, four employees of Microsoft. http://msl1.mit.edu/ESD10/docs/darknet5.pdf Excellent pdf here on the darknet and the future of content distribution, article by Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman, four employees of Microsoft.

http://msl1.mit.edu/ESD10/docs/darknet5.pdf

]]> By: Author http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-11 Author Tue, 24 Oct 2006 18:47:32 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-11 @Nick, in the simplest sense, an internal darknet will help you expose network misconfigurations. External darknets can give you insight to what your network is being hit with from the outside. In step #2, the recommendation is to use an external gateway router for external darknets and an internal layer-3 switch for internal darknets. Hope this helps. @Shaw, ingress filtering is a good technique @Nick, in the simplest sense, an internal darknet will help you expose network misconfigurations. External darknets can give you insight to what your network is being hit with from the outside. In step #2, the recommendation is to use an external gateway router for external darknets and an internal layer-3 switch for internal darknets. Hope this helps.

@Shaw, ingress filtering is a good technique

]]> By: Nick http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-10 Nick Tue, 24 Oct 2006 18:08:56 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-10 sorry to be the noob around but can anyone tell me the 'subtle' diff between the internal and external darknet the author mentions here sorry to be the noob around but can anyone tell me the ’subtle’ diff between the internal and external darknet the author mentions here

]]> By: Shaw http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-9 Shaw Tue, 24 Oct 2006 18:06:26 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-9 To jeff, the traceback is no longer a viable option because of the increased usage of zombies and botnets. There is no reason to forge headers anymore. Also, besides sinkholes another excellent technique without the drawbacks of sinkholes is by using ingress filtering. To jeff, the traceback is no longer a viable option because of the increased usage of zombies and botnets. There is no reason to forge headers anymore.

Also, besides sinkholes another excellent technique without the drawbacks of sinkholes is by using ingress filtering.

]]> By: Jeff http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-8 Jeff Tue, 24 Oct 2006 18:04:16 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-8 You never talk about how to use techniques like traceback on top of sinkhole techniques. You never talk about how to use techniques like traceback on top of sinkhole techniques.

]]> By: Nev http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-7 Nev Tue, 24 Oct 2006 17:44:18 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-7 Gud stuff. I never knew about p0f. Need to scope it out now Gud stuff. I never knew about p0f. Need to scope it out now

]]> By: Jordan http://www.askstudent.com/security/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/comment-page-1/#comment-6 Jordan Tue, 24 Oct 2006 17:43:04 +0000 http://www.askstudent.com/2006/10/24/sinkholes-in-network-security-5-easy-steps-to-deploy-a-darknet/#comment-6 hey, good article. At my company, we implemented a darknet system with a /32 network space. Being a middle level corp, we see a lot of traffic. Some of the tools you mentioned are pretty good. We actually use the MRTG by Tobias Oetiker in order to visualize the volume of traffic coming in. Check it out hey, good article. At my company, we implemented a darknet system with a /32 network space. Being a middle level corp, we see a lot of traffic. Some of the tools you mentioned are pretty good. We actually use the MRTG by Tobias Oetiker in order to visualize the volume of traffic coming in. Check it out

]]>