Spanish Chapter Status Report For 2008

ORGANIZATION

The Spanish Honeynet Project chapter primary areas of interest and development are wireless honeynets, web honeypots, data collecting and analyzing and research technical papers to inform the community. Our current members are:

• Diego González, chapter lead, Telecommunications Engineer and IT Security Professional.
• Javier Fernández-Sanguino Peña, PhD in Telecommunications Engineering and project leader in Germinus XXI S.A.
• Raúl Siles, Masters degree in Computer Science, GSE and senior independent Security Consultant.
• Carlos Fragoso Mariscal, networking, systems and security engineer for Supercomputing Center of Catalonia.

Our chapter has a new member, Pedro Sánchez, security administrator of “Asociación Técnica de Cajas de Ahorros”, CISM and CHFI.

DEPLOYMENTS

1. List current technologies deployed.

   • Design of a new honeypot platform based on web technologies called Honeyweb. It basically analyzes network traffic using pattern detection techniques and redirects malicious activities to a honeypot.
   • Deployment of a wireless honeypot (HoneySpot).

2. Activity timeline: Highlight attacks, compromises, and interesting information collected.

RESEARCH AND DEVELOPMENT

1. List any new tools, projects or ideas you are currently researching or developing.
2. List tools you enhanced during the last year
3. Would you like to integrate this with any other tools, or you

   looking for help or collaboration with others in testing or developing

   the tool?

4. Explain what kind of help or tools or collaboration you are interested in.

FINDINGS

1. Highlight any unique findings, attacks, tools, or methods.
2. Any trends seen in the past year?
3. What are you using for data analysis?
4. What is working well, and what is missing, what data analysis functionality would you like to see developed?

PAPERS AND PRESENTATIONS

1. Are you working on or did you publish any papers or presentations,

   such as KYE or academic papers?  If yes, please provide a description

2. and link (if possible).Are you looking for any data or people to help with your papers?
3. Where did you present honeypot-related material? ( selected publications ).

GOALS

1. Which of your goals did you meet for the past year?
2. Goals for the next year.

   • Deployment of a HonEeeBox malware collection node (in collaboration with UK Chapter).
   • Publication of a tool called Honeyweb, a platform that redirects web attacks to a honeypot based on automatic network traffic analysis.
   • Deployment of a wireless honeypot (HoneySpot).