Brcontrol released
1:02, July 5th, 2005 by davidBrcontrol released: http://brcontrol.sourceforge.net/
Welcome to the UK Honeynet Project
The UK Honeynet Project (a Chapter of The Honeynet Project) was founded in 2002 as a volunteer not-for-profit research organisation. Our aim is to provide information surrounding security threats and vulnerabilities active in the wild on UK networks today, to learn the tools, tactics, and motives of the blackhat community and to share these lessons learned with the public and the wider IT community. The project seeks to provide input as part of an overall honeynet community of teams researching security within IT systems around the globe.
Honeypots Against Spam
1:01, July 5th, 2005 by davidHoneypots against Spam: Details of a second warrant for a case where proxypot/honeypot information was significant: http://www.proxypot.org/yui.pdf
NoAH launched
1:00, June 29th, 2005 by davidThe European Network of Affined Honeypots: A new EU funded honeynet group has started, made up mostly of Greek and Dutch members to date. “NoAH is an EU co-funded project which will take a step towards achieving an active and more complete approach to networks and systems security. The goal of NoAH is to produce a design study and perform the necessary technical work towards the development of an infrastructure for security monitoring, based on honeypot technology. They are looking for people who are in the area of systems administration, security or research to help them by completing their questionnaire. The questions are not mandatory and can be completed anonymously.” For more information see: http://www.fp6-noah.org/
Roo online manuals updated
1:00, June 24th, 2005 by davidRoo online manuals updated: the online manuals for the Honeynet Project’s GenIII Honeywall CDROM have been significantly updated, including a new section on analysis using the Walleye interface: http://www.honeynet.org/tools/cdrom/roo/manual/6-analysis.html
Annual Honeynet Project workshop confirmed
1:00, June 23rd, 2005 by davidAnnual Honeynet Workshop confirmed: the annual Honeynet Project Workshop has been confirmed as September 22-25th in Chicago. Members from many of the Research Alliance groups are expected to attend, including 3 from the UK Honeynet Project.
Kathy Wang presents her work on Honeyclients
1:00, June 22nd, 2005 by davidHoneyclients: Kathy Wang presented her work on honeyclients at RECON (http://www.recon.cx) on Saturday: http://www.honeyclient.org
Honeybee released
1:00, June 21st, 2005 by davidHoneybee Released: Thomas Apel created a tool for automatically generation plug-ins for honeyd based on the behavior of real servers for his diploma thesis called Honeybee. “For Honeypots to be effective they have to simulate a wide variety of network services. Generating such simulations by hand is a daunting task. An automated system for fingerprinting known servers for common network protocols like Telnet, SMTP, POP3, IMAP4, FTP and HTTP would facilitate deployment of varying honeypots trendemously.Honeybee is such a tool. It can semi-automatically create emulators of network server applications. The resulting emulators can be used together with the honeypot application Honeyd. The emulators should be able to withstand the most common fingerprinting attempts. Honeybee consists of two parts: A scanner and a generic emulators per protocol. The Honeybee scanner talks to a real server and extracts its personality. This personalities are stored in database files and are used to control the generic emulator. The generic emulators use Honeyd’s interface for Python plug-in. Further Information is available at http://lufgi4.informatik.rwth-aachen.de/diplomas/show/6.
Sebek version 3 beta for BSD released
1:00, June 14th, 2005 by davidAs announced on the Honeynet Project web site, a beta version of Sebek clients for BSD systems has been released (version 3, required for GenIII honeynets and the Roo Honeywall CDROM). It can be obtained here: http://honeynet.droids-corp.org