Join us for the Honeynet Workshop 2024: May 27th–29th, Copenhagen, Denmark

No more emulation!

27 Aug 2008 Tillmann Werner
Emulation is an important technology in honeypots and honeynets. It’s not always what we want, though, and here’s why. As you might know, most bots perform attacks in multiple stages, i.e., they send some exploit code to the victim that opens a shell, connect to that shell or let the shell connect back, invoke commands to download the actual malware binary, execute the malware. Catching the exploit and providing a fake shell isn’t too hard, as shown in this post.

Our New Website

12 Aug 2008 Lance Spitzner
Greetings! First I want to start off by thanking Steve Mumford, Christine Kilger, Jamie Riden, David Watson and Markus Koetter, they are the people that made our new website possible. Second, I wanted to share with you how excited I am about this. One of the challenges we have had for years is coordinating all the different research projects are members are doing. This site will allow each person to share as much as they want, however they want.