This paper introduces a honey pot known as the Deception Tool Kit (DTK), written by Fred Cohen. It gives an overview of what the DTK is, where to obtain it, and how it works, and offers advice about when it should be deployed. Out of the box, the DTK is readily installable on most Unix-based operating systems, including Linux, but has no installation support for Apple's new operating system, Mac OS X (OSX). For more information on OS X, see Apple's website at http://www.apple.com/macosx/ (Apple). The prerequisites and changes necessary to install and run the DTK on OSX are outlined for the reader, showing how OSX differs from a standard Unix system in the context of using this product. The goal of this paper is to facilitate the installation of the DTK by a novice user onto any Mac OS X machine. After it is installed, we will set up the DTK to run on port 8080 and provide a deception on that port in response to a threat. After the setup is complete, we will test our deception port for the appropriate responses.