etch  ] [  etch-m68k  ] [  lenny  ] [  sid  ]
[ Source: nepenthes  ]

Package: nepenthes (0.2.2-3)

versatile tool to collect malware by emulating widespread vulnerabilities

Nepenthes is a low interaction honeypot which emulates known vulnerabilities to collect information about potential attacks. It is designed to emulate vulnerabilities worms use to spread, and to capture these worms. As there are many possible ways for worms to spread, Nepenthes is modular. There are module interface to 

  * resolve dns asynchronous
  * emulate vulnerabilities
  * download files
  * submit the downloaded files
  * trigger events (sounds abstract and it is, but is still quite useful)
  * shellcode handler

Tags: System Administration: Logging, Implemented in: C++, User Interface: Daemon, Networking: Server, Role: Program, Security: Intrusion Detection, Purpose: Monitoring

Other Packages Related to nepenthes

  • depends
  • recommends
  • suggests
  • dep: adduser
    add and remove users and groups
  • dep: libadns1
    Asynchronous-capable DNS client library and utilities
  • dep: libc6 (>= 2.7-1) [not alpha, ia64]
    GNU C Library: Shared libraries
    also a virtual package provided by libc6-udeb
  • dep: libc6.1 (>= 2.7-1) [alpha, ia64]
    GNU C Library: Shared libraries
    also a virtual package provided by libc6.1-udeb
  • dep: libcap1
    support for getting/setting POSIX.1e capabilities
  • dep: libcurl3 (>= 7.16.2-1)
    Multi-protocol file transfer library (OpenSSL)
  • dep: libgcc1 [ia64]
    GCC support library
    dep: libgcc1 (>= 1:4.1.1-21) [not arm, armel, hppa, ia64]
    dep: libgcc1 (>= 1:4.3) [arm, armel]
  • dep: libgcc4 (>= 4.1.1-21) [hppa]
    GCC support library
  • dep: libkrb53 (>= 1.6.dfsg.2)
    MIT Kerberos runtime libraries
  • dep: libmagic1
    File type determination library using "magic" numbers
  • dep: libpcap0.8 (>= 0.9.3-1)
    system interface for user-level packet capture
  • dep: libpcre3 (>= 7.4)
    Perl 5 Compatible Regular Expression Library - runtime files
  • dep: libstdc++6 (>= 4.2.1-4) [not armel]
    The GNU Standard C++ Library v3
    dep: libstdc++6 (>= 4.3) [armel]
  • dep: libunwind7 (>= 0.98.5-6) [ia64]
    A library to determine the call-chain of a program - runtime
  • dep: zlib1g
    compression library - runtime

Download nepenthes

Download for all available architectures
Architecture Package Size Installed Size Files
alpha 8,488.4 kB42012 kB [list of files]
amd64 8,101.4 kB39300 kB [list of files]
arm 8,241.1 kB27692 kB [list of files]
armel 6,485.4 kB21548 kB [list of files]
hppa 10,888.4 kB32580 kB [list of files]
i386 7,509.6 kB24560 kB [list of files]
ia64 8,721.7 kB44156 kB [list of files]
mips 7,025.9 kB22880 kB [list of files]
mipsel 8,255.6 kB28656 kB [list of files]
powerpc 8,172.7 kB24556 kB [list of files]
s390 7,999.4 kB26652 kB [list of files]
sparc 6,736.3 kB22928 kB [list of files]