On Sun, May 3, 2009 at 2:35 PM, Lisa Kachold
<lisakachold@obnosis.com> wrote:
The Honeynet project (sponsoring 9 projects in Google's Summer of Code this year) has a really great LiveCD called Roo, that creates an immediate trap of magnificent proportions:
https://projects.honeynet.org/honeywall/attachment/wiki/WikiStart/roo-1.4.hw-20090425114542.iso
Roo, like Knoppix Tools on a USB key, is one of those must have items for everyone. Be careful however of the legal implications, which include liability (you built it insecure, knowingly - what is someone uses it as a jumping off place?), complicity, entrapment and more. If you are game, it's exceedingly fun; rather like a Cracker SimCity?
Honeynet reverse engineers also built a very amusing "Eye Chart" for determining immediate infection with the worm: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html