Blog postings from honeynet.org

Introducing Conpot

lukas.rist — Sat, 11 May 2013 14:08:13 -0500

We proudly announce the first release of our Industrial Control System honeypot named Conpot.

Until now setting up an ICS honeypot required substantial manual work, real systems which are usually either inaccessible or expensive and lecture of quite tedious protocol specifications. With implementing a master server for a larger set of common industrial communication protocols and virtual slaves which are easy to configure, we provide an easy entry into the analysis of threats against industrial infrastructures and control systems.

Google Summer Of Code 2013 Student Applications now closed and some statistics

david.watson — Thu, 09 May 2013 11:58:46 -0500

Having being very pleased to be accepted once again by Google as one of the lucky mentoring organization for GSoC 2013, we had eagerly awaited the student application period starting and the excitement (and occasional drama) that always brings.

Google Summer of Code 2013 Student Application Deadline Friday May 3rd 19:00 UTC

david.watson — Thu, 02 May 2013 17:24:26 -0500

With less that 24 hours now remaining until the official deadline for Google Summer of Code (GSoC) 2013 student applications (19:00 UTC Friday May 3rd 2013), this is our final call for interested and eligible GSoC students.

Google Summer of Code 2013 Participating Mentoring Organizations Announced

david.watson — Mon, 08 Apr 2013 20:44:54 -0500

After a tense few days for all of the organizations who applied, The Honeynet Project is delighted to announce that it has once again been selected as one the participating mentoring organizations in Google Summer of Code (GSoC) 2013.

Call for Proposal for hosting the 2014 Annual Workshop

julia.cheng — Mon, 29 Apr 2013 08:37:41 -0500

As you may know, the annual workshop is a key event to bring together top information security experts from around the globe to present their research efforts as well as discuss insights and strategies to combat new emerging threats. The annual workshop held in February or March every year is a five-days event including a one-day briefing, two-days of hands-on training open to public and two-days of private meetings by invitation only.

HpfeedsHoneyGraph - Automated Attack Graph Construction for Hpfeeds Logs

julia.cheng — Tue, 11 Sep 2012 14:18:25 -0500

Finally it is good enough to announce my GSoC project - HpfeedsHoneyGraph which is a Splunk APP to display attack graph for hpfeeds logs. It is not a easy project for me to complete in short time. During the last three months, I have to learn several skills for implementation including HPfeeds logs correlation of several hpfeeds channels, Splunk frameworks, Splunk REST API , D3.v2.js graph library and fast-fluxing modules. The most difficult challenge for me is to write javascript code. I SUPER hate javascript.

Forensic Challenge 13 – "A Message in a Picture" - And the winners are...

angelo.dellaera — Mon, 08 Apr 2013 17:40:39 -0500

Folks,
the Honeynet Project Pacific Northwest Chapter has judged all submissions and results have been posted on the challenge page. The winners are:

1. Faure Bastien
2. Andrey "Zed" Zaikin

Congratulations to the winners and thanks to the other participants!

Angelo Dell'Aera
The Honeynet Project

Ghost 0.3 released

sebastian.poeplau — Wed, 27 Mar 2013 07:51:26 -0500

Today I've released version 0.3 of the Ghost USB honeypot, which introduces a lot of new features, including a completely rewritten core for better malware detection. The new version is available on the project page. This post outlines the major changes.

A new infosec era? Or a new infosec error?

david.dittrich — Mon, 11 Mar 2013 03:54:58 -0500

On March 4, 2013, a contest was held at the Nullcon conference in Goa, India, to see who could take over a botnet. The Times of India reported that the prize money was provided by an Indian government official and was awarded to the Garage4Hackers team. The co-founder of the Nullcon conference, Antriksh Shah, said "At Nullcon Goa 2013, for the first time in the world the government has come forward and announced a bounty prize of Rs 35,000 to whoever provides critical information on the command and control servers of a malware recently found in one of the government installations in India," and then tweeted, "Dawn of new infosec era. Govt of India announced (and actually paid) first ever bounty (Rs. 35 k) at nullcon to take down a c&c." When asked whether this was a live botnet, or a simulated botnet held within a safe and isolated virtual network where no harm could result, Nullcon tweeted, "it was a live campaign up since a couple of yrs and the malware was found in a gov. Infra."

GSoC 2013 Announced

david.watson — Sat, 02 Mar 2013 16:12:40 -0600

Like many other open source organizations, The Honeynet Project's members have been excitedly waiting to hear if Google would be running their Google Summer of Code (GSoC) initiative again this year. Well, the wait the over and GSoC 2013 has officially been announced on Google's Open Source Blog . This is great news!