I have been mentioning about nepenthes(low level honeypot to attract malwares) and apparently it is pretty easy to turn on or off nepenthes modules(emulated vulnerable services). I don't want my nepenthes to listen on port 80 as I need to use port 80 for other application. To disable it doesn't seem to be trivial though -
shell>grep '"80"' /etc/nepenthes/*.conf
/etc/nepenthes/log-surfnet.conf: "80",
/etc/nepenthes/vuln-asn1.conf: iisport "80";
Thus I just comment it out at nepenthes core configuration file - /etc/nepenthes/nepenthes.conf
// "vulnasn1.so", "vuln-asn1.conf", ""
Pretty quick isn't it. I have noted it down here for my poor memory sometimes.
Peace ;]
No comments:
Post a Comment