A few days ago I was contacted by our CPRO, Leon van der Eijk, and asked to write a blog post about my own project called Bifrozt; something which I was more than happy to do. :) This post will explain what Bifrozt is, how this got started, the overall status of the project and what will happen further down the road.
What is Bifrozt?
Generally speaking, Bifrozt is a NAT device with a DHCP server that is usually deployed with one NIC connected directly to the Internet and one NIC connected to the internal network.
UPDATE: the log data is posted here. A notification group about new log sharing is here.
This WASL 2009 workshop reminded me that I always used to bitch that some academic researchers use antediluvian data sets for their research (Lincoln Labs 1998 set used in 2008 “security research” makes me want to just curse and kick people in the balls, then laugh, then cry, then cry more…).
However, why are they doing it?