Tunisian (Saherhoneynet) Chapter Status Report 2014

Organization
List current chapter members and their activities:
·         Hafidh EL Faleh                           Tunisian Honeynet chapter lead.
·         Haythem EL MIR                          IT cyber-Security Consultant (Professional).
·         Samy Mabrouk                            Chief Information Security Officer - Orange TN
·         Hassen Bahri                               Technical Manager - Orange TN
·         Marwen Ben Rached                    Cyber security Consultant – ITU Geneve
·         Jihene Ksiksi                               Cyber early warning system team member – Support
·         Tarek mouhamed                          Cyber security Consultant – ITU Oman
·         Amine Rached                             CIO   Central  Bank Tunisia. 
·         Amine Abid                                  CSIRT (incident team) support. 
·         Ramchi oussama             Cyber early warning system team member – Analyst ( New members)
 
DEPLOYMENTS
From the starting of the project, the team tried to be up-to-date in term of used technologies; they tested all detection and honyepotting tools and tried to choose the most reliable ones.
This a list current technology deployed:
·         SurfIDS
·         SMTP-HP
·         Kippo
·         Kippo-Graph
·         Dionaea
·         Dionaea-FR
·         Glastopf
·         Honeynet Webviz
·         Cuckoo
·         HonEeeBox
·         Modern Honeynet Network
 
 
Developed Projects
·       RealTime Saher Haneynet Dashbord :  http://www.honeynet.tn/radar/index.php
·         Automatic generation of SSH-honeypot statistics : http://www.honeynet.tn/node/61
·         Conception a tool for analyzing URL and binaries founded in SSH input using result of kippo ssh-honeypot.
 
 
Consultancy Projects
·         Assistance for the set-up of The Nigerian Nigerian Computer Emergency Response Team (ngCERT) and deployment of honeypots tools.
·         Installation of complete Honeynet platform for Nigerian CERRT.NG Ecosystem - Computer Emergency Readiness and Response Team (CERRT.ng).
 
International Workshop
Our cyber security team has attended several international workshop and incident response exercises:
·         OIC-CERT Cyber Security Drill 2013
·         APCERT Cyber Security Drill 2013
·        25th Annual FIRST Conference about Incident Response (Bangkok 06/2013)
·         OIC-CERT Cyber Security Drill 2014
·         APCERT Cyber Security Drill 2014
·         APCERT Cyber Security Drill 2015
 
·         ARTCI Ivory Coast 16-17/02/2015 – Tunisian experience in the National Security Cyberspace