HoneyNor - Chapter Status Report For 2014

HoneyNor - Chapter Status Report For 2014
 
ORGANIZATION:
 
Sjur Usken - Chapter Lead
Lukas Rist - Director
Johnny Vestergaard - Code Geezer
Daniel Haslinger - Knife juggler
Maximilian Hils - phpinfo()
Aniket Panse
Phani Vadrevu
John Doe
 
DEPLOYMENTS:
 

  • Glastopf, web application honeypot
  • Conpot, ICS honeypot
  • Waschbecken, Conpot data sink
  • PHPox, PHP sandbox for Glastopf PHP samples

 
RESEARCH AND DEVELOPMENT:
 

  • Glastopf is pretty much in maintenance mode. Nothing major besides some bug squashing. There is a Master thesis about to be released improving the SQL injection handling Glastopf.
    We are looking for someone interested in taking over the lead of this project. https://github.com/glastopf/glastopf
  • Conpot. We participated in BruCon’s 5x5 which pushed progress quite a lot last year. Unfortunately we didn’t got any students through GSoC last year. Andrea De Pasquale joined the core development team. We proposed 3 projects for GSoC’15 and another 5 to various universities. Highlights are the new data bus to have data consistency across all protocols and the Kamstrup SmartMeter template and protocol stacks. https://github.com/glastopf/conpot
  • mitmproxy: We closed over 250 issues at GitHub, pushed 6 releases and got many contributions from external developers. The ship is sailing! https://github.com/mitmproxy/mitmproxy
  • beeswarm: We are making strong progress with multiple releases thanks to a dedicated core developer team. http://www.beeswarm-ids.org/

 
PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS:
 

https://speakerdeck.com/johnnykv/honeypot-workshop
 
FINDINGS:
 
Most of our efforts were spent on developing and deploying honeypots. During the next Honeynet Project Workshop in Stavanger we will present our results from deploying an ICS honeypot in the wild.
 
GOALS:
 
Goals from last year:
 

  • The Honeycloud continued to be an important component. Operation were successful.
  • Conpot: We made good progress with this project. Many set goals got achieved and we managed to increase the team size.
  • Bumblebee: A project initiated by Daniel, providing a way of deploying “thin” sensors on ultra cheap instances targeting a range from novice users to professionals. So far we were not able to finish a release.
  • Glastopf: We didn’t made a lot of progress as we were lacking the human resources.

 
Goals for 2015
 

  • Prepare the next annual Honeynet Project workshop in Stavanger: stavanger2015.honeynet.org
  • Continue secure physical honeycloud and infrastructure server (4 data centers).
  • With being accepted for Google Summer of Code 2015 we hope to get more contributors for the Conpot projects. We plan to improve the deployment capabilities and add more protocols and templates for system emulation.
  • For mitmproxy, we’re looking for two students who help develop HTTP/2 support and a web interface, two highly requested features from the community.