Adapting to some of the challenges presented by attempting to operate larger, longer running deployments of client honeypots (both high and low interaction) by simplifying and improving our ability to deploy and manage large client honeypot farms.
Primary Mentor: Ian Welch
Student: Thibaut Gadiolet
WP1. Implement a web application that allows the uploading of lists of URLs to manage. These will be stored persistently in a database allowing long term trend information to be collected and managed.
WP2. Extending David Stirling's work. Define a standard web interface with client honeypots and extend the web application to issue requests to a dummy client honeypot and collect results that are stored persistently.
WP3. Implement functionality for accessing results for a set of URLs from the persistent store. This should allow viewing individual runs as well as a history of runs.
WP4. Implement scheduling functionality to allow a queue of work to be created that can be submitted as resource becomes available.
WP5. Extend the web application to support authenticated users and place controls on access to the exposed client honeypots. Support for adding users, organisations and individual honeypots.
WP6. Integrate with the Client Honeypot installation based at Victoria University.
I worked on the Front-End to make my interface more user-friendly, I don't detail every modifications, we can split them in three:
My code is under Honeynet Subversion so you can consult it if you're curious !I also corrected a lot of bugs even if some of them are a bit persistent....
I just wanted to share few things with you about my project.
I'm still very excited to work on my project and if anyone is intersted in what I've done, here is a short tutorial I created to setup the project quickly.
If some kind people would like to test it to give me their feedback. It could be the best way for me to improve it.
Hi folks !
As the GSoC started, this blog entry will introduce to you, myself and my project.
My name is Thibaut, I am still a student like all GSoC participants I guess and I belong to the ENSI of Bourges (France). I took one year off for doing research at the university of Maryland (USA) in the IT security field, especially in honeypots.
Provide a web interface to manage honeypot clients (both low and high interaction), and share results between different organisations.