Blogs
ENISA publishes report on honeypots
Wed, 11/28/2012 - 15:57 — christian.seifertENISA (The European Network and Information Security Agency) under the leadership of CERT Polska has published report on honeypots. Its a hands-on guide on the various honeypot technologies out there looking at various operational aspects, such as extensibility, reliability, ease of deployment, etc. If you are considering running a honeypot, this is a must read! Check it out at http://www.enisa.europa.eu/media/press-releases/new-report-by-eu-agency-enisa-on-digital-trap-honeypots-to-detect-cyber-attacks. Great job, ENISA!
Twitter
Facebook
LinkedInPress Release: 2013 Honeynet Project Workshop
Tue, 11/27/2012 - 04:48 — christian.seifert| THE HONEYNET PROJECT Contact: Christian Seifert Phone: +1-206-2651944 |
1425 Broadway #438 Seattle, WA, 98122 |
| FOR IMMEDIATE RELEASE 9 A.M. GST, November 26th, 2012 |
|
| 2013 HONEYNET PROJECT ANNUAL WORKSHOP 10-12 FEBRUARY 2013 IN DUBAI, UAE |
|
| DUBAI, 26 NOV 2012: This three-day event features an exceptional collection of international security professionals presenting the latest research tools and findings in malware analysis. The twelfth annual workshop will be held at The Address Dubai Mall Hotel on the 10th through 12th of February, 2013, with sponsorship and support from the UAE Honeynet Project chapter, United Arab Emirates Computer Emergency Response Team (aeCERT), and the Pakistan Honeynet Project chapter. The workshop includes one full day of briefings and two full days of hands-on tutorial trainings. Founded in 1999, The Honeynet Project is a non-profit international research organization dedicated to improving the security of the Internet at no cost to the public. “Cyber security is a critical element for any nation working towards technical advancement,” said H.E. Mohamed Nasser Al Ghanim, Director General of TRA. “I am pleased the TRA and aeCERT are participating in this event; hands-on and knowledge-intensive workshops such as this are invaluable as we work towards reinforcing the nation’s cyber security.” “Cyber security is not a ‘one-man’ job, it is dependent on the proactive collaboration of groups spanning government, industry and academia,” said Ahmad Alajail, Security Intelligence & Threat Analyst. “ This is why initiatives such as Honeynet, which provide a diverse talent base, are greatly complementary to the nation’s cyber security and to our work at aeCERT.” The Honeynet Project is composed of 45 regional chapters and is a diverse, talented, and engaged group of hundreds of volunteer security experts who conduct open, cross disciplinary research and development into the evolving threat landscape. Registration and more information available at: http://dubai2013.honeynet.org or by contacting The Honeynet Project CEO Christian Seifert to request a personal interview at: [email protected]. | |
| -End- | |
Pakistan Chapter Status Report For 2012
Sat, 11/24/2012 - 13:12 — faizshujaORGANIZATION
- Faiz Ahmad Shuja is founder and chapter lead of Pakistan Chapter and an active member since 2003. He is responsible for the management and maintenance of HP infrastructure as Chief Infrastructure Officer.
- Muhammad Omar Khan is an active member and assists in various Honeynet deployment efforts.
- Rehan Ahmed is our active member. He assists in the management of Pakistan chapter and HP infrastructure.
- Omar Khan has been involved in attacks analyses and reporting.
Alaska Chapter - Status Report 2011-2012
ORGANIZATION
• Brian Hay (Chapter Lead, Full Member)
• Kara Nance (BoD Member, Full Member)
• Chris Hecker
• Clark Harshbarger
• Matt Bishop
• Wesley McGrew
• Lucas McDaniel
DEPLOYMENTS
• 1 Honeeebox in Alaska
• Purchased multiple other Honeeeboxes available for third party deployments
• Periodic Dionaea deployments in both public and private clouds for student and demonstration use.
RESEARCH AND DEVELOPMENT
1. Ongoing development of hypervisor-based honeypot monitoring using virtual machine introspection (VMI) on Xen and KVM platforms. Read more »
UAE Chapter Status Report For 2012
ORGANIZATION
Ahmad Alajail – Chapter Lead
Ahmad Hassan – Member
Anastasios Monachos - New Member
Andrew Marrington – New Member
Majid Al Ali - Member
DEPLOYMENTS
we have successfully change all of our distributed Honeypots from Nepenthes to Dionaea and upgrade our honeypharm with reporting mechanism and the additional information received from Dionaea.
RESEARCH AND DEVELOPMENT Read more »
Canadian Chapter Status Report For 2011
Tue, 11/06/2012 - 15:07 — natalia.stakhanovaORGANIZATION
Last year our chapter membership has gone through several changes: some members moved to new places and new positions and are no longer a part of the honeynet chapter, while others (Natalia Stakhanova) came back.
Our current members include Ali Ghorbani, Natalia Stakhanova, Hadi Shiravi (Unversity of New Brunswick) and Sami Guirguis (Toronto).
DEPLOYMENTS
We currently have deployed a cluster of server honeypots and SGNET sensor. Both are primarily used for capturing botnet network traffic.
RESEARCH AND DEVELOPMENT Read more »
Spartan Devils Chapter Status Report For 2012
Mon, 11/05/2012 - 16:02 — tom.holtSpartan Devils Chapter Status Report For 2012
ORGANIZATION
Our current membership includes: Gail Joon Ahn (Arizona State University) Tom Holt, (Michigan State University) Max Kilger, and Napoleon Paxton, We are also happy to report that we added Paul Neff to our roster in the last few months.
DEPLOYMENTS
In addition to all tools from honeynet site, we also installed Sandboxie on Vmware ESXi to automatically test malware and reset VMs.
RESEARCH AND DEVELOPMENT Read more »
Forensic Challenge 12 – “Hiding in Plain Sight“ - And the winners are...
Tue, 10/16/2012 - 20:55 — angelo.dellaeraFolks,
the Honeynet Project Alaska Chapter has judged all submissions and results have been posted on the challenge page. The winners are:
1. Shaun Zinck
2. Vadim Kotov and Alberto Boschetti
3. José Valentín Gutiérrez Boquete
Congratulations to the winners and thanks to the other participants!
Angelo Dell'Aera
The Honeynet Project
Two more of our projects selected for Magnificent7
Tue, 10/16/2012 - 18:42 — sebastian.poeplauRapid7 have announced the selected projects for the second round of their Magnificent7 program. The program sponsors open source efforts in the area of IT security over the course of a year and provides them with Rapid7's technological and marketing expertise.
In March, Cuckoo and Androguard - both developed by members of the Honeynet Project - were chosen, and today's press release revealed two more of our members' projects to be supported under the Magnificent7 program.
Buttinsky, led by Patrik Lantz and Lukas Rist, will be a framework for botnet monitoring built from scratch. Ghost, led by Sebastian Poeplau, protects against malware that spreads on USB storage. We also congratulate the developers of John the Ripper, which is the third project to be selected today.
HoneyMap - Visualizing Worldwide Attacks in Real-Time
The HoneyMap shows a real-time visualization of attacks against the Honeynet Project's sensors deployed around the world. It leverages the internal data sharing protocol hpfeeds as its data source. Read this post to learn about the technical details and frequently asked questions. Before going into explanations, take a look at the map itself: map.honeynet.org! Read more »
We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.