- About us
- Code of Conduct
- Google SoC
- Recent posts
- Security Workshops
Today Apple unveiled the next generation of OS X, Lion and new iOS 5. Among the features, I'm concerned about two features: AriDrop and iCloud.
Visualization is a niche area especially at the security analysis. As mentioned in a well-known sentence; "A picture is worth a thousand words". The importance and the power of the visualization in the security area stands out with the ability to define multi-dimensional data with a single shape. When addressing the creating a mesh tiled 3D view on an Earth map, i was reading about the geoweb application development. A geoweb application consists of some components.
This summer, I will be dealing with the malware analysis distribution from a visualization perspective at a timeline and geographic basis. To collect data related with malwares, I installed the Dionaea, which is a successor of Nepenthes. The documentation of the Dionaea is plain and easy to follow. I chosed Debian Squeeze to install the honeypot on it. Installing the base system from netinstall CD and following the documentation was enough till i got an error message during the compiling process of Dionaea.
I am pleased to announce the next forensic challenge: Forensic Challenge 8 - "Malware Reverse Engineering".
The challenge has been created by Angelo Dell'Aera and Guido Landi from the Sysenter Honeynet Project Chapter.
Submission deadline is June 15th and we will be announcing winners around the third week of July. We have a few small prizes for the top three submissions.
The Honeynet Project
Folks, Guillame and Hugo have judged all submissions and results have been posted on the challenge web site. The winners are:
1. Dev Anand
2. Fernando Quintero & Camilo Zapata
3. (3 submissions) Matt Erasmus, Joseph Kahlich and Kevin Mau
Congratulations to the winners!
With challenge 7 completed, we are getting ready to launch challenge 8 on May 9th. This challenge has been prepared by Guido Landi and Angelo Dell'Aera from the Sysenter Chapter and it deals with
Proposed Capture-HPC Description
Capture-HPC is a high-interaction client honeypot that is capable of seeking out and identifying client-side attacks. It identifies these attacks by driving a vulnerable client to open a file or interact with a potentially malicious server. As it processes the data, Capture-HPC monitors the system for unauthorized state changes that indicate a successful attack has occurred. It is regularly used in surveys of malicious websites that launch drive-by-download attacks.
An important update for Forensic Challenge 7 challengers. For reasons related to reviewers' everyday job committments the challenge results will be announced on Friday, May 6th 2011 and not on Friday, 29th April as announced in the previous blog post.
Thanks for your patience and regards.
The Honeynet Project
Folks, Google has just announced the accepted projects on the GSoc website. We had an excellent line up of students and proposals this year and were able to accept 12 projects! Thanks for all the students who have applied this year and congratulations to all accepted!
Just a quick note to you let everybody know that the videos from 2011 Honeynet Project Security Workshop has been posted. The slides can be obtained at the same location.
Tillmann Werner from the Giraffe Honeynet Project chapter just released the first version of "streams", a tool for browsing, mining and processing TCP streams in pcap files. If you ever needed to process large pcap files on a session level, you will love this tool. Have a look at the README to get an impression of its
The README contains some sample output and tool description.