A while back there was an LKM called Sebek, which is designed to work in a honeypot for finding and studying internet hackers, but it's very outdated and won't work with newer 2.6 kernels. Anyone know of any projects currently in the works to mod the kernel source to get it to work again? I know it's easily detected but thought that someone might still be working on it somewhere. Thanks in advance,
Re: Sebek 2.6.32
However, it apparently doesn't yet support monitoring Linux honeypots. You might have to wait for it, unless someone else knows of something similar.