- About us
- Code of Conduct
- Google SoC
- Recent posts
- Security Workshops
As the GSOC approaches the end. I would like to publish a beta version of my project for Network Malware Simulation.
The name for the new open source software is Imalse, which is the acronym of Integrated MALware Simulator & Emulator
The website for the project is http://people.bu.edu/wangjing/open-source/imalse/html/index.html, in which you can get detailed description, instructions for installation and demos.
We where glad to announce yet another tool during our annual workshop in San Francisco. Glaspot is the third version of the web application honeypot Glastopf and it come with some very powerful new features:
Since my last post about the Google Summer Of Code 2012 Student Applications deadline closing and sharing some initial student applications statistics, all the GSoC 2012 mentoring organisations have been hard at work reviewing and scoring their student applications.
After a slower than usual start, this years Google Summer of Code (GSoC) student applications period closed at 19:00 UTC on Friday April 6th, with a major application rush in the last couple of days which kept us busy right up to the deadline! Many thanks to all the interested students who applied, and our mentors and org admins for taking the time to respond to students on IRC, email and through Melange.
If you are a student interested in applying to the Honeynet Project, the student application deadline is 19:00 UTC on Friday April 6th. So with 3 days to go, you need to be planning on submitting your project application vi the Melange system soon. To avoid disappointment, please don't leave your application until the last minute - you can edit as often as you want before the deadline.
We have just been notified by Google that the Honeynet Project has - once again - been accepted as one of the mentoring organization for Google Summer of Code 2012 (in total 180 organizations were selected). We are very excited and are looking forward to a great summer! Already a big thank you to Google for their continued support!
While student applications are not officially open yet, interested students are encouraged to check out our ideas page and get in contact with us via email@example.com and/or IRC (#gsoc2012-honeynet on irc.freenode.net) in the next few ideas to meet the mentors and discuss project ideas. Student applications officially open on March 26th 2012 and close on April 6th 2012.
We are looking forward to hearing from you!
GSoC 2011 #8 project's goal was to add forensics features to the popular Wireshark network analyzer.
Wireshark is an open source network analyzer widely used for network debugging as well as security analysis. Wireshark provides network
analyzer with graphical interface as well as command line tools.
Wireshark also provides network protocol decoders and support filters that allow to search through packets with keywords.
GSoC plugins extend Wireshark capabilities when Wireshark is used to analyze network traffic with security and forensic in mind.
The Beta version of HoneySink is out!
What is HoneySink?
HoneySink is an open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network.
Able to be deployed both internally and externally it is designed to log and respond to incoming requests for a number of network protocols.
With configuration and scalability in mind, HoneySink was designed from the ground up with a non-blocking architecture to handle extremely large amounts of traffic while being able to perform customised interactions and logging.
By now, what I have done for Capture-HPC is:
Proposed Capture-HPC Description
Capture-HPC is a high-interaction client honeypot that is capable of seeking out and identifying client-side attacks. It identifies these attacks by driving a vulnerable client to open a file or interact with a potentially malicious server. As it processes the data, Capture-HPC monitors the system for unauthorized state changes that indicate a successful attack has occurred. It is regularly used in surveys of malicious websites that launch drive-by-download attacks.