Introducing Glastopf, a Web Application Honeypot

27 May 2009 Lukas Rist glastopf gsoc honeypot

Hello, this initial blog post is used to introduce me and to provide a brief overview of my GSoC Project.

My name is Lukas Rist (my personal blog) and I am currently studying Math and Physics at the University of Kaiserslauter in Germany. This is my first time in GSoC and I will be working with Thorsten Holz on Glastopf, a Web Application Honeypot.

Glastopf is a minimalistic web server emulator written in Python. The honeypot tool collects information about web application-based attacks like for example remote file inclusion, SQL injection, and local file inclusion attacks.

The Glastopf Project was founded before the GSoC, thus a running version of the system is already available. Actually I am improving the central database which holds the collected data from a small number of Glastopf nodes. A big part of my work during the participation will be the analysis of a large amount of collected data. Due to the fact that there is no other tool with comparable capabilities, the first results are astonishing and they are promising a lot of fun in the coming months!

If you are interested in quantitative results from the central database and if you are a fan of fancy Web 2.0 services, check out my Glastopf Twitter feed at http://twitter.com/glastopf