- About us
- Code of Conduct
- Google SoC
- Recent posts
- Security Workshops
TL;DR: Low interaction honeypots are designed to emulate vulnerable services and potentially detect attacks without exposing full operating system functionality. Although they have evolved in many ways over the past 15 years, understanding their limitations and sometimes inherent design weaknesses is important when you consider deploying them.
The Conpot team is following closely the latest developments in Honeypot research and the methods and technologies used. If you look at the topics presented on security conferences, you might have also noticed an increased interest in ICS security and honeypot technologies in the last two years. One presentation from this years Blackhat’15 conference caught my attention also knowing previous research done by Kyle and Stephen: “The little pump gauge that could: Attacks against gas pump monitoring systems” [link] If you are interested in their findings, I recommend their white paper: “The GasPot Experiment: Unexamined Perils in Using Gas-Tank-Monitoring Systems“ [link, pdf] by Kyle Wilhoit and Stephen Hilt from Trend Micro’s Forward-Looking Threat Research team.
So we had the great idea to add exactly that feature to Conpot...
Marie has a Ph. D. in information security and is passionate about incident handling and information sharing. She has experience as a team leader at NSM NorCERT, the Norwegian national CERT. Marie also teaches a class on incident management and contingency planning at Gjøvik University College.
Francesca Bosco earned a law degree in International Law and joined UNICRI in 2006 as a member of the Emerging Crimes Unit. She is responsible for cybercrime prevention projects, and in conjunction with key strategic partners, has developed new methodologies and strategies for researching and countering computer related crimes.
Lukas Rist is a software engineer with Blue Coat Norway where he develops behavioral malware analysis systems. In his spare time, he works on web application and ICS/SCADA honeypots and botnet monitoring tools under the umbrella of the Honeynet Project where he is also a Director. He recently developed an interest in deployment automation, ephemeral file systems and exotic industrial communication protocols.
Hugo Gonzalez is a full member of the Honeynet Project, and now is pursuing his PhD at University of New Brunswick, working at the Information Security Centre of Excellence. His research interest include Malware Authorship Attribution, Android Malware and Application Layer DoS attacks.
Per Thorsheim is the founder & main organizer of Passwordscon, the worlds first and only conference about passwords and digital authentication.
The submission deadline for the Forensic Challenge 14 – “Weird Python“ put up by Thomas Chopieta and Maximilian Hils has passed. We have received 14 submissions totaling to more than 200 pages. Thanks to our workshop team, we are happy to announce the winners who will get tickets for the Honeynet Workshop in Stavanger!
Here are the most excellent submissions:
Kai Roer is focusing on user awareness, security culture and the study of how our human mind makes us vulnerable and exploitable. He consults with people and organizations on the interpersonal skills that are vital to a successful and trusted secure environment. He is the creator of the Security Culture Framework, a columnist at Help-Net Security and the author of a number of books about cybersecurity and leadership.
Just in time for the Honeynet Workshop in Stavanger, we're happy to announce a new Forensic Challenge! What's more, there are great prizes for the best submissions: