Thug 0.5 and KYT paper

10 Jul 2014 Angelo Dellaera honeyclient kye kyt thug
Thug 0.4.0 was released on June, 8th 2012 and a huge number of really important features were added since then. During the last two years I had a lot of fun thinking and designing the future of the project and I’m really proud of what Thug is now. I have to thank a lot of persons who contributed with their suggestions, ideas, bug reports and sometimes patches. You know who you are.

Know Your Enemy: Social Dynamics of Hacking

29 May 2012 Christian Seifert kye
I am very pleased to announce the publication of another paper in our Know Your Enemy white paper series: “KYE - Social Dynamics of Hacking” authored by Thomas J. Holt and Max Kilger from our Spartan Devils Honeynet Project Chapter. In this paper, Tom and Max go to the roots of the Know Your Enemy series and shine light on the social groups that are involved in hacking. _ Abstract

Announcing the publication of Know Your Tools: Glastopf - A dynamic, low-interaction web application honeypot

15 Nov 2010 Christian Seifert Lukas Rist kye kyt paper publication
Folks, I am very pleased to announce the publication of our Know Your Tools paper: Glastopf - A dynamic, low-interaction web application honeypot authored by Lukas Rist of the Chicago Honeynet Project Chaper and Sven Vetsch, Marcel Kossin, and Michael Mauer. The paper is available from https://honeynet.org/papers/KYT_glastopf. Paper abstract Currently, attacks against web applications make up more than 60% of the total number of attempted attacks on the Internet. Organizations cannot afford to allow their websites be compromised, as this can result in serving malicious content to customers, or leaking customer’s data.

Know Your Tools: Qebek - Conceal the Monitoring has been published

05 Nov 2010 Jianwei Zhuge gsoc kye kyt white-paper
Christian Seifert (CPRO of The Honeynet Project) has just announced publication of our Know Your Tools series: Qebek - Conceal the Monitoring, authored by Chengyu Song and Jianwei Zhuge from the Chinese Chapter and Brian Hay from the Alaskan Chapter. The paper is based on Chengyu’s hard work during the GSoC 2009, Brian Hay and me acted as his mentors for the Qebek GSoC Project. Congrats to Chengyu and Chinese Chapter.

Announcing the publication of Know Your Tools: Qebek - Conceal the Monitoring

03 Nov 2010 Christian Seifert kye kyt qebek
I am very pleased to announce another publication of our Know Your Tools series: Qebek - Conceal the Monitoring authored by Chengyu Song and Jianwei Zhuge from the Chinese Chapter and Brian Hay from the Alaskan Chapter. The paper is available from https://honeynet.org/papers/KYT_qebek. Paper abstract For the last few years, while low-interaction (LI) honeypot systems like Nepenthes and PHoneyC are getting more and more powerful, the progress of high-interaction (HI) honeypot technology has been somewhat slower.

Know Your Tools: use Picviz to find attacks

26 Nov 2009 Christian Seifert kye kyt picviz
We are very excited to announce the publication of our first paper in the new Know Your Tools paper series: “KYT: use Picviz to find attacks” authored by Sebastien Tricaud from the French Chapter and Victor Amaducci from the University of Campinas. The paper can be downloaded at Know Your Tools: use Picviz to find attacks. _Paper Abstract Picviz is a parallel coordinates plotter which enables easy scripting from various input (tcpdump, syslog, iptables logs, apache logs, etc.

Detecting and Containing Conficker - Management Overview

30 Mar 2009 Lance Spitzner kye conficker
The Honeynet Project is very excited to announce a new scanning tool for detecting Conficker and an upcoming Know Your Enemy paper detailing how to contain Conficker. Both the paper and the tool have been developed by Honeynet Project members Tillmann Werner and Felix Leder. The tool was developed over the weekend, in co-ordination with Dan Kamisnky, and this tool is now publicly available and is in the process of being integrated into most major vulnerability scanning tools, including Nmap.

Know Your Enemy: Containing Conficker

30 Mar 2009 Lance Spitzner kye conficker
The Honeynet Project is excited to announce the release of Know Your Enemy: Containing Conficker. In this paper we present several potential methods to contain Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotelydetect a compromised system. Furthermore, we demonstrate various methods to detect and remove Conficker locally and a potential vaccination tool is presented. Finally, the domain name generation mechanism for all three Conficker variants is discussed in detail and anoverview of the potential for upcoming domain collisions in version .