We are the Australian Honeynet Project:
- Shaun Vlassis
- Ben Reardon @benreardon
- David Zielezna
Founded in Jan 2008, the Australian Honeynet Project supports the mission of understanding the tools, tactics and motives of those who represent a cyber threat. We share our findings with other security researchers and Law Enforcement authorities. We hope our activities will benefit Australian citizens who make legitimate use of the Internet. Our broad aim is to help make the Internet a safer place for end users.
Essentially, the Australian Honeynet Project is a community-based 'For Public Good' project. We currently have three core members who guide and maintain the project.
We also have 'contributors' who provide advice, intelligence, data and resources to the project. Contributors can participate for as long as they desire. We try to match contributors' skills and resources with the pieces of work we need done at the time.
Work on the project is done in our spare time and as private citizens. We do not receive wages or other payments for our work. We are not affiliated with, guided by or indebted to any commercial or government entity - be they sponsors, contributors or employers. This is our most important ethos, because it allows us to maintain our independence to develop the project without outside pressures, and keep the public good as our primary concern.
We are a Chapter of the overarching Honeynet Project, whose details follow:
Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public. With Chapters around the world, our volunteers are firmly committed to the ideals of OpenSource. Our goal, simply put, is to make a difference. We accomplish this goal in the following three ways.
Awareness: We raise awareness of the threats and vulnerabilities that exist in the Internet today. Many individuals and organizations do not realize they are a target, nor understand who is attacking them, how, or why. We provide this information so people can better understand they are a target, and understand the basic measures they can take to mitigate these threats. This information is provided through our Know Your Enemy series of papers.
Information: For those who are already aware and concerned, we provide details to better secure and defend your resources. Historically, information about attackers has been limited to the tools they use. We provide critical additional information, such as their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. We provide this service through our Know Your Enemy whitepapers and our Scan of the Month challenges.
Tools: For organizations interested in continuing their own research about cyber threats, we provide the tools and techniques we have developed. We provide these through our Tools Site.
Primary Contact Information
1163 E. Ogden Ave,
Suite 705-174,
Naperville, IL 60563 USA
Voice & Fax: +1.630.596.4470
Our Board Of Directors
Max Kilger - Jan, 2010
Ralph Logan - Jan, 2010
Lance Spitzner - Jan, 2010
Camilo Viecco - Jan, 2011
Ron Dodge - Jan, 2011
Christian Seifert - Jan, 2012
David Watson - Jan, 2012
Chief Executive Officer - Lance Spitzner
Chief Communications Officer - Lance Spitzner
Chief Ethics and Legal Officer - Camilo Viecco
Chief Membership Officer - Max Kilger
Chief Financial Officer - Ron Dodge
Chief Research Officer - David Watson
While the quantity of submissions for FC10 was lower than usual - we had expected this because of the amount of work required to submit plus being over the Christmas break - the quality of the solutions was really inspiring.
Of course the hardest part was deciding the winners, and as expected the traditional scoring method was not ideal for this type of challenge because the challenge was about creating and developing ideas, rather than just answering a number of dry questions. Quite a few people used the challenge not so much to win a prize, but to have fun, develop an idea they've had, practice on some real datasets, learn, and teach. This was exactly the spirit we'd hoped for, so thanks to everyone for putting in a big effort.
The Winners and their solutions:
Fabian Fischer - solution
Chris Horsley - solution
Fraser Scott - solution
Dan Gleebits - solution
Johnathan Tracz - solution
The standout theme in the submissions for me was the use of interactive and flexible tools to analyse the data. As we move further into the big data world, it's going to be imperative to get inside the data interactively to understand it. Some of the solutions focused on developing brand new applications/frameworks to interactively analyse data sets - check out the submissions from Fabian and Chris as really good examples of this. Fraser, meanwhile, put forward the idea of rendering images in 3D - which is not that far-out an idea actually, why not?!
We hope that this challenge was enjoyable for those who participated, and for those downloading the submissions for inspiration. These challenges have a long legacy; we see people downloading, attempting and referencing these challenges and the solutions for education purposes years afterwards, so they are an important program at the Honeynet Project.
It would be great to see solutions to future forensic challenges use visualization, not only to analyse and detect trends, but also to describe the problem space to the layperson. With that said - the next Forensic challenge, FC11, should be released shortly - so stay tuned.
And lastly, if anyone wants to develop their ideas further, a good way (i.e. get paid if you are accepted!) is to get involved in our upcoming Google Summer of Code program, GSOC12.
The Beta version of HoneySink is out!
What is HoneySink?
HoneySink is an open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network.
It can be deployed both internally and externally, and is designed to log and respond to incoming requests for a number of network protocols.
With configuration and scalability in mind, HoneySink was designed from the ground up with a non-blocking architecture to handle extremely large amounts of traffic while being able to perform customised interactions and logging.
Following is a brief summary of our activity and contributions during 2010:
2010 saw the addition of David Zielezna as a contributor to the Project.
We are now:
- Shaun Vlassis, HP full member, Chapter lead.
- Ben Reardon, HP full member, member of the HP Public Relations and Membership committees.
- David Zielezna, Contributor, and in charge of AHP infrastructure.
2010 Annual Honeynet project workshop, Mexico City
The Honeynet Project is a leading international 501c3 non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools to improve Internet security. With Chapters around the world, our volunteers have contributed to the fight against malware (such as Conficker), discovering new attacks and creating security tools used by businesses and government agencies all over the world.