To have better visibility of this year’s GSoC projects, we have created a blog for the students and their mentors. This blog is the place where students should post weekly updates about their progress. It is also the place where students and mentors can share their findings and experiences about and during the GSoC projects as they happen. The first updates have already started to drip in and it is getting interesting.
Two years have passed since the first commit and, taking a look at the number of committed patches, I realized that patch number 1000 has just been committed. Let me say it’s really impressive realizing it. In the last two years I had a lot of fun thinking and designing the future of this project and I’m really proud of what Thug turned out to be. I have to thank a lot of people who contributed with their suggestions, ideas, bug reports and sometimes patches.
Howdy all,
I’ve the pleasure to *finally* unveil the second version of Dorothy: a malware/botnet analysis framework written in Ruby.
Dorothy2 is a framework created for mass malware analysis. Currently, it is mainly based on analyzing the network behavior of a virtual machine where a suspicious executable was executed. However, static binary analysis and system behavior analysis will shortly be introduced in future versions.
Dorothy is a multi-threaded framework: it is able to execute as many concurrent analysis processes as the number of VMs present in vSphere.
After a pretty hectic few weeks of student application review, setting and scoring coding challenges, and assessing proposals, mentoring organizations participating in GSoC 2013 had to confirm their student slot allocations and final short list of preferred candidates by Friday May 24th at 19:00 UTC. This is always one of the most difficult periods for us, with many tough decisions required trying to balance the best mix of students/projects/mentors into a limited number of student slots.
[This post expresses the personal opinion of the author and is not an official statement representing the Honeynet Project.]
At the AusCERT 2013 conference, Dmitri Alperovitch called for debate about, “the kinds of actions that infosec professionals are allowed to take against attackers.” I agree with Dmitri, and in fact I made the same call, at the same conference on May 23, 2005! (AusCERT invited me to speak on an emerging topic and I chose to speak for the first time publicly at AusCERT 2005 about the Active Response Continuum research I had been doing with funding from Cisco.
We proudly announce the first release of our Industrial Control System honeypot named Conpot.
Until now, setting up an ICS honeypot required substantial manual work, real systems which are usually either inaccessible or expensive, and reading quite tedious protocol specifications. By implementing a master server for a larger set of common industrial communication protocols and virtual slaves which are easy to configure, we provide an easy entry into the analysis of threats against industrial infrastructures and control systems.
Having been very pleased to be accepted once again by Google as one of the lucky mentoring organizations for GSoC 2013, we had eagerly awaited the student application period starting and the excitement (and occasional drama) that always brings. Once again we were not disappointed, with a steady stream of students getting in touch with us via our public mailing list or IRC channel (#gsoc-honeynet on irc.freenode.net) and exploring project ideas with us.
With less than 24 hours now remaining until the official deadline for Google Summer of Code (GSoC) 2013 student applications (19:00 UTC Friday May 3rd 2013), this is our final call for interested and eligible GSoC students. If you are interested or intend to get involved, please apply now.
For anyone new to the GSoC program, or anyone who has already talked to us on IRC (#gsoc-honeynet on irc.freenode.net) or on our public GSoC mailing list, please remember that you must still submit your student application using Google’s official GSoC 2013 form in Melange for it to be official.
As you may know, the annual workshop is a key event to bring together top information security experts from around the globe to present their research efforts as well as discuss insights and strategies to combat new emerging threats. The annual workshop, held in February or March every year, is a five-day event including a one-day briefing, two days of hands-on training open to the public and two days of private meetings by invitation only.
After a tense few days for all of the organizations who applied, The Honeynet Project is delighted to announce that it has once again been selected as one of the participating mentoring organizations in Google Summer of Code (GSoC) 2013. This is great news and should make for another very exciting summer for many students, mentors and team members, so many thanks to Google and their Open Source Projects Office for their continued support of both us and free open source software (FLOSS) in general.