The Honeynet Project

Posting this blogpost on behalf of Dmitry Rodionov.

Hi there! I'm Dmitry Rodionov and this summer I've been working on an OS X analyzer for Cuckoo Sandbox project.

Cuckoo Sandbox

First things first: what is Cuckoo Sandbox? Imagine a box you can put any suspicious program or script into and immediately receive a complete description of what this program is and what it does. Well, that's Cuckoo! Read more »

1. Hello Andre and congratulations on getting the CEO job ! Can you please tell us a bit more about yourself. What is your background for instance ? Read more »

The Conpot team is following closely the latest developments in Honeypot research and the methods and technologies used. If you look at the topics presented on security conferences, you might have also noticed an increased interest in ICS security and honeypot technologies in the last two years. One presentation from this years Blackhat’15 conference caught my attention also knowing previous research done by Kyle and Stephen: “The little pump gauge that could: Attacks against gas pump monitoring systems” [link] If you are interested in their findings, I recommend their white paper: “The GasPot Experiment: Unexamined Perils in Using Gas-Tank-Monitoring Systems“ [link, pdf] by Kyle Wilhoit and Stephen Hilt from Trend Micro’s Forward-Looking Threat Research team.

So we had the great idea to add exactly that feature to Conpot... Read more »

TL;DR: Low interaction honeypots are designed to emulate vulnerable services and potentially detect attacks without exposing full operating system functionality. Although they have evolved in many ways over the past 15 years, understanding their limitations and sometimes inherent design weaknesses is important when you consider deploying them. Read more »

Marie has a Ph. D. in information security and  is passionate about incident handling and information sharing. She has experience as a team leader at NSM NorCERT, the Norwegian national CERT. Marie also teaches a class on incident management and contingency planning at Gjøvik University College. Read more »

Francesca Bosco earned a law degree in International Law and joined UNICRI in 2006 as a member of the Emerging Crimes Unit. She is responsible for cybercrime prevention projects, and in conjunction with key strategic partners, has developed new methodologies and strategies for researching and countering computer related crimes. Read more »

 
Lukas Rist is a software engineer with Blue Coat Norway where he develops behavioral malware analysis systems. In his spare time, he works on web application and ICS/SCADA honeypots and botnet monitoring tools under the umbrella of the Honeynet Project where he is also a Director. He recently developed an interest in deployment automation, ephemeral file systems and exotic industrial communication protocols.
  Read more »

Hugo Gonzalez is a full member of the Honeynet Project, and now is pursuing his PhD at University of New Brunswick, working at the Information Security Centre of Excellence. His research interest include Malware Authorship Attribution, Android Malware and Application Layer DoS attacks. Read more »

Per Thorsheim is the founder & main organizer of Passwordscon, the worlds first and only conference about passwords and digital authentication. Read more »

The submission deadline for the Forensic Challenge 14 – “Weird Python“ put up by Thomas Chopieta and Maximilian Hils has passed. We have received 14 submissions totaling to more than 200 pages. Thanks to our workshop team, we are happy to announce the winners who will get tickets for the Honeynet Workshop in Stavanger!
 
Here are the most excellent submissions: Read more »