Honeypots
Release of Client Honeypot Capture-HPC v2.5.1 Sep 06 2008 07:57PM
christian seifert gmail com
The Honeynet Project (http://www.honeynet.org) and School of Mathematics, Statistics and Computer Science at Victoria University of Wellington (http://www.mcs.vuw.ac.nz/) are excited to announce the release of Capture-HPC v2.5.1. Capture-HPC is an innovative security product that is able to find and investigate the increasing problem of client-side computer attacks. This new software release aims at further improving the speed and scalability of the software allowing for large scale deployments of client honeypots. Capture-HPC is freely available from our web site at: https://projects.honeynet.org/capture-hpc/wiki. It is written and distributed under the GNU General Public License, v2.

Capture-HPC is a computer security product that allows anyone to: investigate client-side computer attacks; security researchers to find and study malicious servers; virus and malware researchers to collect malware pushed by malicious servers; network administrators to monitor their systems for client-side attacks; and web site operators to monitor their web sites for unauthorized modifications with client-side attack code.

With version v2.5.1, several new features were introduced:

* Addition of preprocessor plug-in architecture. A preprocessor plug-in allows handling of input URLs before they are passed on to Capture. For instance, this could be used to create a crawler or filtering plug-in.

* Recording of process IDs for all state changes. This allows the client plug-in to determine what URL the attack originated from even if multiple URLs are inspected.

* Exposure of a variety of performance-related configuration values. This allows an operator to fine-tune an installation of Capture to the hardware it's running on. This leads to a more efficient use of available resources.

* Addition of intelligent revert cycle of virtual machines. A more scalable system results.

* Numerous optimizations and bug fixes.

Capture-HPC is freely available from our web site https://projects.honeynet.org/capture-hpc/wiki. It is written and distributed under the GNU General Public License, v2. A public mailing list is available at https://public.honeynet.org/mailman/listinfo/capture-hpc providing support and a forum to exchange configuration files, plug-ins, results, etc.

Special thanks to Josh Smith, Lasse Borup, Matthias Luft, David Watson, and Armin Garcia for donating their time to test and document Capture-HPC v2.5.1.

About The Honeynet Project

Founded in 1999, The Honeynet Project (http://www.honeynet.org) is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public. With chapters around the world, our volunteers are firmly committed to the ideals of Open Source. Our goal, simply put, is to make a difference.

About School of Mathematics, Statistics and Computer Science at Victoria University of Wellington

School of Mathematics, Statistics and Computer Science at Victoria University of Wellington (http://www.mcs.vuw.ac.nz/) is one of New Zealand's leading centers of research in each of its teaching disciplines of mathematics, statistics, operations research and computer science. The School attracts large external research grants and provides a range of services to the broader community to enhance the application of mathematical, statistical and advanced information technology in New Zealand. We utilize the knowledge generated from this cutting-edge research to create challenging, interesting and practical courses.

Contact Information:

Christian Seifert, PhD Candidate, New Zealand Honeynet Project Lead, Christian.Seifert_at_gmail.com

Related links:

# http://www.honeynet.org

# http://blog.honeynet.org

# https://projects.honeynet.org/capture-hpc/wiki

Terms and conditions, including restrictions on redistribution, apply.

Copyright © 1999-2008 The Honeynet Project All Rights Reserved.
