To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.

Blogs

The Honeynet Project取证分析挑战中文版启航,欢迎华语世界安全人士参与

The Honeynet Project是一个国际知名的开源信息安全研究团队,致力于提升Internet的安全。

Forensic Challenge 2010/4 - VoIP is now live

Challenge 4 of the Honeynet Project Forensic Challenge - titled "VoIP" - is now live. This challenge 4 - provided by Ben Reardon from the Australian and Sjur Eivind Usken from Norwegian Chapter - takes you into the realm of voice communications on the Internet. VoIP with SIP is becoming the de-facto standard. As this technology becomes more common, malicious parties have more opportunities and stronger motives to take control of these systems to conduct nefarious activities. This Challenge is designed to examine and explore some of attributes of the SIP and RTP protocols.

Note that our Chinese speaking chapters (Julia Cheng from the Taiwanese Chapter, Jianwei Zhuge from the Chinese Chapter and Roland Cheung from the Hongkong Chapter) have taken great initiative and translated the challenge into Chinese, which is available from the simplified Chinese and traditional Chinese pages (will be posted by EOD today.)

With this challenge, we are getting on a firm 2 month cycle. You will have one month to submit (deadline is June 30th 2010) and results will be released approximately 3 weeks later. Small prizes will be awarded to the top three submissions.

Enjoy the challenge!

Waledac's Anti-Debugging Tricks

The last spreading malware version of Waledac, a notorious spamming botnet that has been taken down in a collaborative effort lead by Microsoft earlier this year, contained some neat anti-debugging tricks in order to make reverse-engineering more difficult. Felix Leder and I have been presenting about the approach at SIGINT 2010 in Cologne yesterday, and as the method seems to be not publicly known yet, I will quickly describe it here as well.

Forensic Challenge 2010/3 - "banking troubles" - and the winners are ....

Josh, Angelo, Matt and Nicolas finished evaluating the submissions for FC2010/3 banking troubles. Again, lots of great submissions! We had a total of 22 and the top performers for FC2010/3 are:

  1. Mario Pascucci (Italy)
  2. Tyler Hudak (USA)
  3. Carl Pulley (UK)

Congratulations to the winners and all the folks that participated in the challenge - this was not an easy one. Each winner will receive a signed book from one of our Honeynet Project authors. We have posted the submissions of the winners and sample solution on the FC2010/3 web page. All participants should have also received an email today with information about their individual score as well as placement.

How can we improve the Forensic Challenge?

Folks, the submission deadline for the Forensic Challenge 3 – “Banking Troubles” has passed. We have received 22 submissions and will be announcing results on Wednesday, May 12th 2010. With the 3rd challenge coming to an end, we would love to get your feedback on the challenges: Which challenge did you enjoy in particular and why? Do you have any suggestions on how to improve the challenge? Is there a particular challenge you would like to see in the future? Send your feedback to forensicchallenge2010@honeynet.org.

Honeynet Annual Workshop has kicked off

The 2010 Honeynet Workshop has kicked off, in the wonderful surroundings of UNAM, Mexico City. Many thanks to our hosts!

A Breeze of Storm

Today, Steven Adair from Shadowserver imformed us about a new piece of malware that looks like a new version of the infamous Storm Worm. Storm was one of the first serious peer-to-peer botnets, it was sending out spam for more than two years until its decline in late 2008. Mark Schloesser, Tillmann Werner, Georg Wicherski, and I did some work on how to take down Storm back then, so the rumors about a new version caught our interest.

GSoC 2010 Student Selection is Public

After a few slow days for student applicants everywhere, and some difficult decisions on the final slot allocations for our mentors, the long wait is finally over and the GSoC 2010 official student selections are public. The Honeynet Project are very excited to have received 17 GSoC slots this year (up from 9 last year), so many thanks to Google for their fantastic support again this year.

Forensic Challenge 2010/3 - "Banking Troubles" - submission deadline extended to Monday, 26th of April 2010

Folks, we have decided to extend the submission deadline of the Forensic Challenge 2010/3 - "Banking Troubles" for another week (deadline is now April 26th 2010.) Seems like this challenge is a bit tougher and we would like to give you all the opportunity to submit your results. For those folks that have already submitted, you can resubmit via the web form in case you would like to make changes to your solution. The Forensic Challenge 2010/3 can be accessed here: http://honeynet.org/challenges/2010_3_banking_troubles.

Google Summer of Code 2010 Student Application Deadline Closed

Student applications for Google Summer of Code 2010 closed at 19:00 UTC tonight, with the usual last minute rush of submissions (but thankfully no timezone confusion this time). We had thought that receiving three student applications in the final minute, including one with 8.4 seconds to spare was cutting it close, but Plan9 apparently had one lucky applicant with 1.23 seconds remaining on the clock! That must set a new GSoC record... ;-)

Syndicate content