Honeynor - Chapter Status Report For 2011/2012

ORGANIZATION

List current chapter members and their activities.

  • Sjur Eivind Usken - chapter lead
  • Matt Erasmus
  • Felix Leder
  • Einar Oftedal
  • Erlend Oftedal
  • Lukas Rist
  • Phani Vadrevu
  • Tord Lundstrøm
  • Øystein Fladby
  • Morten Kråkvik
  • Morten Hovland

Recent additions to this Chapter:

  • Felix Leder
  • Tord Lundstrøm
  • Lukas Rist
  • Matt Erasmus
  • Phani Vadrevu

DEPLOYMENTS

SERVICES

The Honeycloud infrastructure
Multi instance version of Wordpress for all chapters to use

RESEARCH AND DEVELOPMENT

Buttinsky botnet monitoring
Social honeypots (FB, twitter, email...)
Wordpress firewall with honeypot and hpfeeds capabilities

Phani Vadrevu worked on Glastopf as a student during GSoC’12 helping Lukas Rist who also kept improving Glastopf and the PHP sandbox.

We are currently sharing Glastopf and PHP sandbox results via HPFeeds, we would like to see others joining in with sharing data and using the data we provide.

FINDINGS

DARAPA Cyber fast track project

PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS

  • We gave a presentation about his honeypot, sandbox, botnet monitoring set-up at the 2012 annual workshop
  • We presented the Honeynet Project to a security group in Stavanger.
  • We gave a presentation about fragmented file analysis during the non-public part of the 2012 annual workshop.

We also contributed to the following (to be published) ENISA papers:

  • Proactive Detection of Security Incidents - Honeypots
  • Honeypots CERT Exercise Toolset

Public web page: http://honeynor.honeynet.org (not online yet)

GOALS

Last year: Make infrastructure available for all members

Next year: Expand the honeycloud further to other countries (US is probably next, but we should also have some in Asia as well ) Please let us know if you have 2-3 servers available.

MISC ACTIVITIES

Phani Vadrevu participated in Google Summer of Code 2012 as a student working on Glastopf.
Lukas Rist successfully finished a DARPA Cyber Fast Track project about SQL injection vulnerability emulation

MENTORING

Lukas Rist helped as a GSoC’12 admin.