Forensic Challenge 8 - "Malware Reverse Engineering"

09 May 2011 Angelo Dellaera challenge forensic-challenge

I am pleased to announce the next forensic challenge: Forensic Challenge 8 - “Malware Reverse Engineering”.

The challenge has been created by Angelo Dell’Aera and Guido Landi from the Sysenter Honeynet Project Chapter.

Submission deadline is June 15th and we will be announcing winners around the third week of July. We have a few small prizes for the top three submissions.

Have fun!

Angelo Dell’Aera
The Honeynet Project

GSoC2011-THP Project 1 - Improve our high interaction client honeypot Capture-HPC

05 May 2011 Youzhi Bao capture-hpc gsoc

Project Description:
Proposed Capture-HPC Description

Capture-HPC is a high-interaction client honeypot that is capable of seeking out and identifying client-side attacks. It identifies these attacks by driving a vulnerable client to open a file or interact with a potentially malicious server. As it processes the data, Capture-HPC monitors the system for unauthorized state changes that indicate a successful attack has occurred. It is regularly used in surveys of malicious websites that launch drive-by-download attacks.

Forensic Challenge 7 - Submission deadline passed

05 Apr 2011 Angelo Dellaera challenge forensic-challenge

Folks, the submission deadline for the Forensic Challenge 7 – “Forensic Analysis of a Compromised System” - put up by Hugo Gonzalez from the Mexico Chapter and Guillaume Arcas from the French Chapter - has passed. We have received 16 submissions and will be announcing results on Friday, Apr 29th 2011. The winners will get a copy of the book “Virtual Honeypots - From Botnet Tracking to Intrusion Detection” written by Niels Provos and Thorsten Holz.

The Honeynet Project Releases New Tool: streams

05 Apr 2011 Anton Chuvakin release tool

Tillmann Werner from the Giraffe Honeynet Project chapter just released the first version of “streams”, a tool for browsing, mining and processing TCP streams in pcap files. If you ever needed to process large pcap files on a session level, you will love this tool. Have a look at the README to get an impression of its capabilities.

The README contains some sample output and a description of the tool.

Tillmann’s talk “High Performance Sniffing” from The Honeynet Project public workshop covers this tool:

Google SoC 2011 - Student Applications In Progress

04 Apr 2011 David Watson gsoc

With GSoC 2011 student applications having been open for the past week, we’ve been having a number of interesting discussions with potential students on both #gsoc2011-honeynet on irc.freenode.net and on our public GSoC mailing list, and this summer is already looking to have many exciting project ideas.

Student applications run through to Friday April 8th at 19:00 UTC, so if you are a student interested in participating in GSoC 2011 with the Honeynet Project, please take a look at our GSoC 2011 project ideas and make the most of the remaining time to get involved. We cover a very wide range of projects, tools and technologies, so hopefully there is something available to interest everyone, whatever their experience.

Google SoC 2011 - Honeynet Project Accepted Again and Student Applications Open!

26 Mar 2011 David Watson gsoc

Our annual workshop in Paris got off to the perfect start this weekend when Google went live with the new look GSoC 2011 Melange site and announced which lucky organizations had been accepted as mentoring orgs for GSoC 2011.

The Honeynet Project were delighted to have been successful again this year and to have been accepted as one of 173 organizations who will be mentoring GSoC 2011 student projects this summer! Many thanks go to Google for their continued support for FOSS (particularly the ever supportive Carol), and to all our members and potential students for their interest, support and enthusiasm so far.