Emulation is an important technology in honeypots and honeynets. It’s not always what we want, though, and here’s why. As you might know, most bots perform attacks in multiple stages, i.e., they
send some exploit code to the victim that opens a shell, connect to that shell or let the shell connect back, invoke commands to download the actual malware binary, execute the malware. Catching the exploit and providing a fake shell isn’t too hard, as shown in this post.
Greetings! First I want to start off by thanking Steve Mumford, Christine Kilger, Jamie Riden, David Watson and Markus Koetter, they are the people that made our new website possible. Second, I wanted to share with you how excited I am about this. One of the challenges we have had for years is coordinating all the different research projects are members are doing. This site will allow each person to share as much as they want, however they want.