From: dtk@all.net Reply-to: dtk@all.net Organization: Deception ToolKit Mailing List Subject: DTK Mailing List 980831
--------------------------------------------- The upcoming release of DTK will include: capabilities for one-time-passwords, time-based passwords, and algorithmic authentication. interaction with the hosts.allow TCP wrappers file, and other similar capabilities to allow for remote authentication and/or automatic response to attacks Using these, a real user can tell the deception to grant them real access to the host from over the Internet (or elsewhere) while every other host gets only the deception. I have been using this for road trips and it is quite easy to use while revealing nothing to those who don't know the one time password. In the current form, the prerelease DTK also allows you to shut of all access to an IP address that gets to any selected point in a deception, shut of a given service, or otherwise manipulate the hosts.allow file. In this way, an external user who gets a password file (for example) may have their IP address shut off. IF they try to use one of the stolen passwords, they will again be shut of from the new IP, and so forth. Also upcoming is the network version of DTK which allows groups of DTK hosts to communicate via the deception port using one time passwords or algorithmic passwords. This capability will hopefully allow a whole network of machines to shut of IP addresses of machines attempting exploits against one or more of the hosts. I hope to have this update available in a week or two. Suggestions for other enhancements are always welcomed. FC ---------------------------------------------