| 24 | | Version 0.5.0 introduces the mirror mode (option '-m'). When run- |
|---|
| 25 | | ning in this mode, whenever a connection request is handled, hon- |
|---|
| 26 | | eytrap tries to establish a so called mirror connection back to |
|---|
| 27 | | the remote host requesting the same port. All data received on |
|---|
| 28 | | one of the two connections is copied to the other one. Thus, hon- |
|---|
| 29 | | eytrap is acting as a tcp proxy for a connection of a remote host |
|---|
| 30 | | with itself. If no mirror connection can be established, honey- |
|---|
| 31 | | trap falls back to normal mode. |
|---|
| 32 | | |
|---|
| 33 | | A plugin interface was added in Version 0.6.0. Plugins can be |
|---|
| 34 | | loaded as dynamic shared objects. Also, honeytrap can now be con- |
|---|
| 35 | | figured via a configuration file. The file is reprocessed when a |
|---|
| 36 | | SIGHUP is received so changes can be made available with zero |
|---|
| 37 | | downtime. |
|---|
| 38 | | |
|---|
| 39 | | Version 0.6.2 comes with lots of new features. Using the new |
|---|
| 40 | | proxy mode, Connections can not only be mirrored back to the ini- |
|---|
| 41 | | tiator, but proxied to other systems and other ports. The appro- |
|---|
| 42 | | priate mode can optionally be configured per TCP port. A new, li- |
|---|
| 43 | | bipq-based connection monitor was introduced (idea stolen from |
|---|
| 44 | | the nepenthes honeytrap module). |
|---|
| 45 | | |
|---|
