Honeypots - A Request
RE: Honeypots - A Request #11
A UML honeypot (which is text-based) is very easy to detect once you've gained access. But bypassing any honeypot is relative to your knowledge of the underlying system (usually Unix but sometimes Windows). It's not exactly trivial but it's not impossible to bypass jail-shells. For instance, I've gained root on one or two eepsites on I2P, using a method of jail-breaking via bash.

Once you're out of the initial jail-shell, you can basically just unset it, or pwn the system entirely. The opposite concept was presented at DefCon 15: how to detect and deny web 2.0 attacks using HoneyJax and IDSs/IPSs.

Symantec has a couple articles about defeating web-based honeypots.
http://www.symantec.com/connect/articles...ues-part-1

RE: Honeypots - A Request #12
(06-03-2014, 09:26 PM)Christ Wrote: No, s/he is asking for an introduction into honeypots, not criticism.

Edit: fixed accidental subjective pronoun assumption.
Thank you. (He)

(06-04-2014, 07:11 AM)Dr.Jekyll and Mr.Hyde Wrote: No, s/he said s/he wanted to


Not text-based bodyguards.

What? o.O

I worded that wrong, I apologize.

(06-04-2014, 10:41 AM)Christ Wrote: A UML honeypot (which is text-based) is very easy to detect once you've gained access. But bypassing any honeypot is relative to your knowledge of the underlying system (usually Unix but sometimes Windows). It's not exactly trivial but it's not impossible to bypass jail-shells. For instance, I've gained root on one or two eepsites on I2P, using a method of jail-breaking via bash.

Once you're out of the initial jail-shell, you can basically just unset it, or pwn the system entirely. The opposite concept was presented at DefCon 15: how to detect and deny web 2.0 attacks using HoneyJax and IDSs/IPSs.

Symantec has a couple articles about defeating web-based honeypots.
http://www.symantec.com/connect/articles...ues-part-1

Thank you, that was enlightening. I'll be sure to read the entire article.
(This post was last modified: 06-04-2014, 07:24 PM by Eclipse.)


RE: Honeypots - A Request #13
(05-30-2014, 11:08 PM)Kosaki Wrote: https://www.sinister.ly/Thread-Tutorial-...ng%2bKippo

Thanks for the link.
"Be careful what you wish for."
