Churchill Honeypot Daemon Concept

“A lie gets halfway around the world before the truth has a chance to get its pants on.”
Winston Churchill

“The truth is incontrovertible. Malice may attack it, ignorance may deride it, but in the end, there it is.”
Winston Churchill

“In wartime, truth is so precious that she should always be attended by a bodyguard of lies.”
Winston Churchill

(Concept is a work in progress)

Anyhow, from the quote above comes the cyberwarfare concept…

Your networks are under assault. Lie, stall, buy time. And yes, make the attacker think that they, or your PC, are smoking something or on one bad LSD trip.

Psychological warfare, lies and disinformation: if the honeypot trap triggers…

For attackers on port #: start filibustering with lies, pile on the bullshit.

Lie about the connection times…

Lie about the hostname: “Welcome to Enterprise.nc1701d.lcars.star-fleet.stb”, when they thought they had some-victum-bank.com… (their head must be swimming and spinning, doing double takes and picking their jaw up off the floor, or mildly amused… the next few tries will start to make them irritated…)

Or use historical PC operating systems from bygone days and fake the OS signatures, or a futuristic-sounding OS: Linux kernel 25.0.99 on AMD -193 Trit– Quantum 50 core Trinary CPU

Windows 25, and “time travel” them: today is Dec 25 2525 (today's gift for you, Mr. C’hacker, is, you guessed it, more lies to sift through…)

Use sci-fi and historical PC concepts. It's a Linux box: lie to them, say it's Windows NT 3.51 one minute, then say they've got a Babylon 5 mainframe the next.

Hell, use some ASCII art and put friggin' Klingon out, who cares. Any of the fortune cookies that provide disinformation… to keep them guessing what you're doing, or confused enough…

Spin the fortune cookies, fake the OS packets…

Bamboozle them, fake them out, utterly befuddle them; make them so utterly confused that they will move on, or slow their attacks to the point where you have time to respond and block them.

The confusion starts after a threshold trigger has been reached. This won't deter professionals or the most determined crackers… mal-hackers…

But it will get rid of the script kiddies, and for the more automated means, the outputs will for a time garble up their Nmap scans etc. with useless data…

Make them have a psychological meltdown; at least they won't be attacking your PCs or networks again anytime soon. They will move on to other, weaker, less defended constructs.

WWII: lights, magic. Not many defended some targets by outright outwitting the Axis forces… with far less, inflatable tanks… amusing yet simple tricks. The enemies, however, were less than amused… but from a historical perspective, how the chickens outwitted the foxes is a useful tidbit…

Your network has EGGS of information the foxes want; they will “eat you alive” too… if they can “catch you”, would be a good analogy…

I figured putting in a few magic tricks will at first amuse an attacker, then slowly simmer their anger and will to the point of “self-cremation”. For most, after a few hours of psi-warfare data directed back at them, they will explode in anger to where they are just burning mad. (And they asked for it: they tried to hack you, so they brought it on themselves…)

Thus, if your target system is attended by a bodyguard of lies and confuses attackers, it is a simple and inexpensive concept, and modular in its ideas.

If they get past the 10,000 Cisco firewall, a more expensive system will not do, so the bodyguard of lies will buy you time to get at them and/or kick them…

It should give you more time, in which you can program your IDS to respond to them by dropping their connections, trace their IP, analyze them in kind, etc.
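
The threshold-triggered lying described above, as an added Python example (not code from the original post or the Sabayon project): a per-source counter answers normally until the threshold is passed, then returns a randomly chosen fake hostname, OS and date after a growing delay. The threshold, the delay values, port 2222, the `Bodyguard` and `serve` names and the second hostname are assumptions made for illustration.

```python
import asyncio
import random
from collections import defaultdict

THRESHOLD = 3     # assumed: probes tolerated per source before the lies start
MAX_STALL = 8.0   # assumed cap, in seconds, on the delay before each reply
HOSTS = ["Enterprise.nc1701d.lcars.star-fleet.stb",   # hostname from the post
         "babylon5-mainframe.example"]                # constructed
SYSTEMS = ["Windows NT 3.51", "Windows 25", "Linux kernel 25.0.99"]
FAKE_DATE = "Dec 25 2525"

class Bodyguard:
    """Counts probes per source; past the threshold, answers with lies."""

    def __init__(self, threshold=THRESHOLD, seed=None):
        self.threshold = threshold
        self.hits = defaultdict(int)
        self.rng = random.Random(seed)
        self.alerts = []  # (source, hit count) for the IDS or firewall to act on

    def respond(self, src):
        """Return (banner, stall_seconds) for one connection from src."""
        self.hits[src] += 1
        over = self.hits[src] - self.threshold
        if over <= 0:
            return "220 service ready\r\n", 0.0
        self.alerts.append((src, self.hits[src]))
        stall = min(MAX_STALL, 0.5 * 2 ** (over - 1))  # doubles per probe
        banner = "220 Welcome to %s, %s, today is %s\r\n" % (
            self.rng.choice(HOSTS), self.rng.choice(SYSTEMS), FAKE_DATE)
        return banner, stall

async def serve(port=2222, host="127.0.0.1"):
    """Listen on an otherwise unused port and greet every client via Bodyguard."""
    guard = Bodyguard()

    async def handle(reader, writer):
        banner, stall = guard.respond(writer.get_extra_info("peername")[0])
        await asyncio.sleep(stall)            # stall: buy the defender time
        writer.write(banner.encode())
        await writer.drain()
        writer.close()

    server = await asyncio.start_server(handle, host, port)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(serve())
```

The `alerts` list is the hook for the IDS step: each entry names a source that crossed the threshold and can be fed to whatever blocks or traces it.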

Developers wanted: (unfortunately I lack the skills; I thought this to be an interesting concept.)

© Michael R. Lawrence , http://www.Michaellawrenceit.com 2013

And the Sabayon Linux Foundation (of which I chose to help out when I can)

Creative Commons License
Churchill Honeypot Daemon Concept by Michael R. Lawrence is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at https://sabayonzoroproject.wordpress.com/2013/05/23/chuchhill-honeypot-dameon-concept/.

Templar Server Discussion

So, if you were making a custom Sabayon Linux security server, what packages would you want to have?

Goals: a simple IDS and a few honeypot programs (i.e. SSHD type, etc.), and other programs showing where hackers are trying to break into your network.

And other hardening tools? As well as tools to aid during a network attack crisis, i.e. incident response.

Zoro project is for doing pentesting and security audits, but also a Linux build to help admins keep out threats, i.e. “Templar” (a network “meatshield”), Tux-Knight. At the end of the day, small biz owners like me have to juggle a lot of hats: security admin, network admin, owner, graduate IT enterprise security student.

Whether it is an enterprise or a small business owner, managing IT network security can be a large-scale challenge; however, it is necessary. With larger firms' IDS products out of reach for most home users or even small startup IT firms, a secure server that aids in the management of security and helps detect gaps in the firewall and other issues would help. That it is Sabayon Linux based, which is a Gentoo Linux variant, so Portage is included, also helps, as the packages are fresh and new rather soon, before they get too dated to be useful.

Having most or all of the tools as a direct install, or as an LXC server containerlet of Sabayon Templar Server running atop a Linux appliance server, should be rather possible. It can also run and keep watch for unusual activities, or be easily configured as an internal or external IDS appliance, and as a firewall for isolating internal users from DB servers or sensitive data.

In time, a firewall app may be spun from Redwall/Sabayon, etc.