Know Your Tools: Qebek – Conceal the Monitoring

Our "Know Your Tools: Qebek – Conceal the Monitoring" whitepaper was released on November 2nd 2010 as a PDF and docx. You can download the full paper from the link below.

Paper abstract
For the last few years, while low-interaction (LI) honeypot systems like Nepenthes and PHoneyC are getting more and more powerful, the progress of high-interaction (HI) honeypot technology has been somewhat slower. This is especially true for Sebek, the de-facto HI honeypot monitoring tool. In this KYT paper, we introduce Qebek, a QEMU based HI honeypot monitoring tool which aims at improving the invisibility of monitoring the attackers’ activities in HI honeypots.

Paper last updated October 31st 2010
PDF Sha1: 8c70494ced8ace1f71456fd1f38d74bca660c984 (KYT-Qebek-final_v1.pdf)
Docx Sha1: 58c42a13feb52781cd0e7248ecb3d3bc336007b9 (KYT-Qebek-final_v1.docx)

Share:

AttachmentSize
KYT-Qebek-final_v1.docx1.29 MB
KYT-Qebek-final_v1.pdf2.05 MB