Slashdot Mirror

← Back to Stories (view on slashdot.org)

Build A Darknet To Capture Naughty Traffic

Posted by timothy on from the then-bend-it-to-your-evil-will dept.

DM_NeoFLeX writes "Have some routable Address Space lying around? You might want to build a DarkNet. The folks over at Team Cymru have outlined instructions for creating one with FreeBSD and as little as /32 routable space. From the article: 'A Darknet is a portion of routed, allocated IP space in which no active services or servers reside. These are 'dark' because there is, seemingly, nothing within these networks. Any packet that enters a Darknet is by its presence Aberrant.' Darknets can provide useful information for tracking the flow of naughty network traffic."

3 of 266 comments (clear)

  1. Re:Very Interesting by 0racle · · Score: 1, Redundant

    You can set a honeypot like honeyd to essencially passivly capture all traffic to a subnet, which would log all worms as well. So a darknet is a lot like a honeynet, except you can't do as much with it.

    --
    "I use a Mac because I'm just better than you are."
  2. Re:like anyone here as a /32 ip block by zerocool^ · · Score: 0, Redundant


    a /32 block is a single machine.

    A /32 is a single routable IP address.

    --
    sig?
  3. This is not a new concept by fodderb0y · · Score: 0, Redundant

    It's also called a network telescope. CAIDA has been implementing this type of thing for several months.