To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.

Blogs

The Honeynet Project in the Media

The Honeynet Project has been all over the media again lately, mostly due to our visualization research.

First-Ever Public Honeynet Project Security Workshop - Slides Online

Folks, we had a great day at the first-ever public Honeynet Project Security Workshop yesterday with many excellent presentations by our members from around the globe. The presentations ranged from deep technical dives around shellcode detection and mobile malware reverse engineering to views on social dynamics of attackers and ethics of computer security research.

Further, we hosted a small capture-the-flag/forensic challenge competition, which received plentiful participation - especially with the younger crowd.

We hope that everybody enjoyed the workshop. If you were not able to make it to the workshop this year, we have attached the slides to this blog post. Hope to see you again in 2012.

Christian Seifert
CEO, The Honeynet Project

Google SoC 2011 - Org Applications Finished

23:00 UTC Friday March 11th was the first deadline for Google Summer of Code 2011, and the cut off point for organizations interesting in participating to complete their org application.

There Is Still Time To Register for The 2011 Honeynet Project Security Workshop (Paris, March 21)

Just a reminder, there is still time to register for The 2011 Honeynet Project Security Workshop.

More information: honeynet.org/node/602
Register: regonline.com/builder/site/Default.aspx?EventID=929631

About the event:

The Honeynet Project on Social Media

Not all of you might know it, but The Honeynet Project is well-represented on social media. Apart from this blog, we have:

Google Summer of Code 2011 - Org Applications Open

Has it really been another year already? Having really enjoyed our experience as a successful mentoring organization in Google Summer of Code 2009 and Google Summer of Code 2010, The Honeynet Project is very pleased to announce that we will once again be applying to be accepted this year as a potential mentoring organization for Google Summer of Code 2011 (note the changed URL for GSoC 2011).

New Honeynet Project Challenge (#7): Forensic Analysis of a Compromised Server

The plot? As usual:

A Linux server was possibly compromised and a forensic analysis is required in order to understand what really happened. Hard disk dumps and memory snapshots of the machine are provided in order to solve the challenge.

Are you up to the challenge? All details are here

Here are the questions that need your answers:

What service and what account triggered the alert? (1pt)
What kind of system runs on targeted server? (OS, CPU, etc) (1pt)

Honeynet Project Blog Top Posts in February 2011

The following are the Top 5 popular blog posts from The Honeynet Project blog this month.

The Honeynet Project Releases New Tool: Cuckoo

Here is another tool release from The Honeynet Project: Cuckoo Box by Claudio Guarnieri. Cuckoo is a binary analysis sandbox, designed and developed with the general purpose of automating the analysis of malware. Read more about the tool here, grab the tool here – but please read detailed setup guide here (make sure to read it!). BTW, this tool is really well-documented, so make use of it before deploying it.

The Honeynet Project Releases New Tool: PhoneyC

Here is another new release from the Project: a release of a new tool called PhoneyC, a virtual client honeypot.
PhoneyC is a virtual client honeypot, meaning it is not a real application (that can be compromised by attackers and then monitored for analysis of attacker behavior), but rather an emulated client, implemented in Python. The main thing it does is scour web pages looking for those that attack the browser.

Syndicate content