Previous
Honeypot Trap Shows Network Misuse
News A "honeypot" network set up purely to attract and monitor the level and type of hacking activity on the Internet has found hackers are routinely scanning for misconfigured file transfer protocol (FTP) servers that allow them to upload and store...
[September 26, 2003, 11:35]
Hackers Lured Into Sweeter Honeypot
News Two dozen members of the Honeynet Project -- including its founder, Lance Spitzner -- hope new changes to the group's open-source honeypot technology will help the method become much more popular among security companies and others.
[April 14, 2003, 12:30]
A Hybrid Honeypot Architecture For Scalable Network Monitoring
White Papers To provide scalable, early warning and analysis of new Internet threats like worms or automated attacks, the paper proposes a globally distributed, hybrid monitoring architecture that can capture and analyze new vulnerabilities and exploits as...
[March 4, 2008, 23:00]
Wi-Fi 'wartrappers' Snare The Drive-by Hackers
News A "honeypot" trap consisting of a Wi-Fi-equipped laptop is the latest weapon against drive-by hackers. The honeypot will be a laptop with a Prism wireless LAN card, which can act as a Wi-Fi access point.
[October 9, 2002, 12:21]
How To Build A Faraday Cage On The Cheap For Wireless TCP/IP Fingerprinting
White Papers Using a wireless honeypot, a fake wireless network may be configured through emulation of devices and the TCP/IP fingerprinting of OS network stacks. Testing the effectiveness of this technique to ensure that a wireless honeypot using honeyed may...
[December 5, 2007, 23:00]
Detecting Targeted Attacks Using Shadow Honeypots
White Papers Traffic that is considered anomalous is processed by a 'Shadow honeypot' to determine the accuracy of the anomaly prediction. One demonstrated the feasibility of the approach in a proof-of-concept implementation of the Shadow Honeypot architecture...
[March 7, 2006, 23:00]
Cybercriminals Get Stuck Into Honeypots
News Criminals would use legions of zombie computers called botnets to bombard honeypot networks with data to hinder or stop them working, otherwise known as distributed denial of service (DDoS) attacks, according to Kaspersky's Malware Evolution: 2005.
[April 4, 2006, 16:25]
Storm Botnet 'services' Could Be Sold
News Fast-flux service networks are networks of compromised computer systems with public DNS records that are constantly changing, making it more difficult to track and control criminal activities, according to the Honeynet Project Research Alliance, a...
[October 16, 2007, 15:25]
Wi-Fi 'Evil Twin' To Become Troublemaker
News BaseStation Clone (Evil Twin) intercept traffic -- An attacker can trick legitimate wireless clients to connect to the attacker's honeypot network by placing an unauthorised base station with a stronger signal within close proximity of the...
[January 20, 2005, 16:45]
Sophos: Protecting The World From The Pentagon
News As well as the information gleaned from the honeypot system, many Malware can come into the honeypot, but can't get out because of a separate hardware firewall blocking it," says Svajcer. For Sophos, security starts at home.
[November 28, 2005, 15:05]
The NASA Hacker: Scapegoat Or Public Enemy?
Talkback Anybody else smell a honeypot here? SysAdmins with no passwords, apparently lots of (far too) juicy information, hackers from all over the world poking around for years. Certainly keeps the attention away from the genuine parts of the network.
[July 15, 2005, 14:05]
Honeypots - Definitions And Value Of Honeypots...updated!
White Papers Interaction defines how much activity a honeypot allows an attacker. Honeypots are an exciting new technology with enormous potential for the security community. The purpose of this paper is to define what honeypots are and their value to the...
[February 16, 2005, 23:00]
Know Your Enemy: Motives
White Papers Part II provides information rarely published, a record of conversations and actions which took place over a fourteen-day period following the compromise of a honeypot system. This paper is a continuation of the Know Your Enemy series.
[December 7, 2003, 23:00]
Know Your Enemy: Worms At War
White Papers The plan was to setup a Win98 honeypot, sit back and wait. This paper was born out of pure curiosity. Our Honeynet was being pounded with UDP port 137 and TCP port 139 scans. The network was getting scanned 5-10 times a day on these ports and...
[February 5, 2004, 23:00]
Controlling A Virus Outbreak With Honeypots
White Papers By implementing a honeypot on the network that will answer the virus calls and stall them (by keeping them in "Wait" loops), one can slow down a virus outbreak incredibly and win precious time to fully contain the virus.
[November 30, 2006, 23:00]
Boot Camp Passes Muster In Speed Tests
Talkback I predicted as much back in November (http://badcomedown.blogspot.com/2005/11/is-apple-preparing-honeypot.html), when it became obvious that Apple's strategy was going to change from one of denial (Windows on Mac will never happen) to one of...
[April 11, 2006, 11:13]
Cybercriminals Get Stuck Into Honeypots
Talkback So organized criminals dont want their viruses to end up in honeypots.why don't the antivirus companies simply take out several IP addresses connected to the major ISPs in each country and attach appropriate servers.that way if for example NTL...
[April 5, 2006, 7:55]
Rupert Goodwins' Diary
Blog This is shorthand for a cross between a Webcrawling robot - the monkey - and a system designed to be attractive to attackers, the honeypot. Tuesday 9/8/2005 This monkey's gone to heaven. Thus sang the Pixies, so beloved of the aggressively fey the...
[August 12, 2005, 18:40]
Companies Fight IM Malware With Honeypots
News This consortium uses honeypot infrastructure to ensure notifications are sent in real time. America Online, Microsoft and Yahoo are supporting a partnership of three security companies who are attempting to thwart instant messaging malware.
[December 7, 2004, 12:45]
Linux Servers 'attacked More Often'
Talkback Symantec examined an automated tool like this, which accounted for supposable Nimda (blended threat) traffic, after it was captured in a Honeypot network3. Continued. ATTACKERS EXECUTING COMMANDS FROM THOUSANDS OF INFECTED SYSTEMS
[February 20, 2004, 19:15]
