KFSensor Professional is an advanced piece of software designed to mimic a honeypot that identifies and attracts hackers attempting to infiltrate your computer by making the system services look vulnerable. It contains comprehensive options and configuration settings dedicated to experienced users, such as network administrators.
Quick setup and classical-looking interface
The installation procedure does not take a long time time to finish. However, it requires a system restart. As far as the interface is concerned, KFSensor adopts a regular window with a plain and simple layout.
Set up the initial configuration via a wizard
At startup it pops up a wizard to guide you toward the initial configuration. So, you can select the port classes to include between the Windows workstations, server, Internet services and applications, along with Linux (services not usually found in Windows), Trojans and worms.
In the next steps you can choose ports with active native services, specify a domain name, as well as enable email notifications to send alerts (sender and receiver addresses).
In addition, it is possible to configure settings pertaining to the denial of service (controls how many events are recorded before the server is locked), port activity time (how long a port should indicate activity after an event), proxy emulation (controls if KFSensor is allowed to make limited external connections), and network protocol analyzer. Last but not least, you can install KFSensor as a systems service.
Examine and export event data, add visitor rules and scenarios
All events are shown in the main frame and you can study the start time, duration, protocol, sensor port, name, visitor, and signature message. Additional event details may be investigated as well as exported to file.
Plus, you can create visitor rules by indicating the IP range, host DNS name, protocol, sensor IP and port, visitor port, minimum and maximum number of allowed connections, actions (close, ignore) and severity level.
Moreover, you can create multiple scenarios, edit their properties and easily switch through them, create and configure signatures, alter DOS attack settings, log activity to file, and much more.
Evaluation and conclusion
There were no stability issues in our tests, since the app did not hang, crash or pop up error messages. Surprisingly, it uses low CPU and RAM, so it does not hog system resources. Thanks to its extensive range of options and configuration settings dedicated to protecting machines from Internet-based attacks, KFSensor Professional should meet the requirements of most users.