MSI is proud to announce the instant availability of a LINUX ONLY HoneyPoint GUI tool to capture Conflicker scans and probes.
Conflicker is a significant threat and is expected to wreak havok on April 1, 2009. You can find a ton of information about Conflicker here from various vendors via SANS.
The HoneyPoint Special Edition: Conflicker runs in Linux and is easy to use with just about any LiveCD distro (including Puppy/DSL/gOS, etc.) and should make it easy for organizations to monitor their network spaces with a scattersensing approach. We chose not to release an OS X version to avoid issues with root authentication and Windows was not possible, since the detection requires binding to port 445/TCP which Windows uses for CIFS.
This application is our attempt to help organizations around the world defend themselves and their assets against this bleeding edge threat using rational, safe and effective detection mechanisms at the network level.
Please let us know your thoughts.