|
|
Colapse all |
Post message
Honeypot books 2007-12-25 karlzen (henrik karlzen bostream nu) (1 replies) Re: Honeypot books 2007-12-25 Jamie Riden (jamie riden gmail com) (1 replies) RE: Honeypot books 2007-12-26 Dodge, R. LTC IETD (Ronald Dodge usma edu) (1 replies) Client Honeyopt Patent 2007-12-21 Lance Spitzner (lance honeynet org) (3 replies) Folks, I just found out the US Patent office has started an interesting online Wiki for submitting prior art for specific patents. It looks like this is a trial program. I also just found out they have Microsoft's patent application for client honeypots (called HoneyMonkey). If you have [ more ] [ reply ] HITBSecConf2007 Malaysia Videos Now Available 2007-12-06 Praburaajan (prabu hackinthebox org) The videos from Hack In The Box Security Conference 2007 Malaysia is now available for download! The files were created in Quicktime, however if you're having trouble playing them on your platform, please ensure you have the latest 3IVX codec installed. Time to fire up your favorite Bit Torrent [ more ] [ reply ] CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's 2007-11-09 Dragos Ruiu (dr kyx net) I'd like to congratulate Adam Laurie for winning the second Powerbook from the Pwn_to_Own contest as the prize for the best speaker rated by the audience for his presentation on RFID at CanSecWest 2007. We will have a similar prize for the best speaker at CanSecWest 2008, prize TBD (but we promise i [ more ] [ reply ] Announcing new KYE paper: Behind the Scenes of Malicious Web Servers 2007-11-07 Christian Seifert gmail com The Honeynet Project is excited to announce the release of a new paper of our Know Your Enemy series, KYE: Behind the Scenes of Malicious Web Servers. In this paper, we increase our understanding of malicious web servers through analysis of several web exploitation kits that have appeared in 2006/07 [ more ] [ reply ] RE: How to monitor events in Windows? 2007-11-02 Francisco Rodrigo Cortinas Maseda (francisco cortinas jazztel com) Try evntwin.exe It is an integrated solution on Microsotf Windows Servers to translate events (all types) and alarms to snmp traps. Obviusly, you will need also an snmp collector to view this traps on other server. There is also a console app, EVNTCMD.EXE. Try google this apps to know more about [ more ] [ reply ] Re: How to monitor events in Windows? 2007-11-02 ccelen cantv net I recommend that you use OSSEC is a Host-Based Intrusion Detection Systemm, It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response, and its latest version integrates with prelude is an Hybrid IDS framework http://www.os [ more ] [ reply ] How to monitor events in Windows? 2007-11-02 mybayern1974 sjtu edu cn (4 replies) I want to know everything happend in my Windows box, including both local events and network events. Is there such a tool? I know sebek is a good choise, but unfortunately the sebek client is unable to work in windows box located in Virtual Machine like VMware. (It will cause "blue screen" when rebo [ more ] [ reply ] RE: How to monitor events in Windows? 2007-11-04 Steve Armstrong (stevearmstrong logicallysecure com) CFP for HITBSecConf2008 - Dubai now open 2007-10-23 Praburaajan (prabu hackinthebox org) The CFP for HITBSecConf2008 - Dubai is now open. Our 2008 event is expected to attract over 300 attendees from around the EMEA region and will see keynote speakers Bruce Schneier (Founder and CTO, BT Counterpane) and Jeremiah Grossman (Founder and CTO, White Hat Security). The event is supported an [ more ] [ reply ] Problem with roo and sebek. Need help. 2007-10-09 Parvinder Bhasin (parvinder bhasin gmail com) Hi, First sorry if this email appears twice. I have been working on setting up a high interaction honeypot using the honeywall which has a honeypot server behind. Honeypot server is of linux flavour and I have setup sebek client on it and I see that the honeywall is seeing the sebek data when I tr [ more ] [ reply ] ECU Australian Security Conferences Deadline Extended 15th October 2007-10-05 Craig VALLI (c valli ecu edu au) Hi All Conference deadlines are extended (the last one) until 15th October 8th Australian Information Warfare and Security Management Conference 5th Australian Information Security Management Conference 5th Australian Digital Forensics Conference CFP and other details from http://conferences. [ more ] [ reply ] honeyd and prelude 2007-09-18 OÄ?uz Yarımtepe (comp ogz gmail com) I checked the honyd forums and everyone asking the same thing. I installed honeyd to Debian etch. The version is 1.5b. After configuring honeyd.conf and running it, i decided to log to the prelude and see the details at prewikka. I checked the web and found that after writing to the prelude-lml [ more ] [ reply ] real ip with honeyd 2007-09-15 OÄ?uz Yarımtepe (comp ogz gmail com) (1 replies) Hi, I was trying to see the attackers behaviour and deployed a honeyd to a machine. But i gave real ips to the simulated systems, so the bind parts have real ips. I had a arpd problem also so i couldnt make it work, does honeyd work with real ips? According to the explanations, honeyd is deploy [ more ] [ reply ] Release of Capture-HPC 2.0 2007-09-12 christian seifert gmail com The newly established Client Honeynet Project and Victoria University of Wellington, NZ are very excited to announce the major release of our high interaction client honeypot Capture-HPC, version 2.0. There are many awesome features as part of this release: * support for any client application tha [ more ] [ reply ] |
|
Privacy Statement |
Hi everyone!
I'm new here and I hope my question is not posed in the wrong forum. :)
After New Year I will do my bachelor project which will consist of
adding/improving on an existing honeypot application. Now, I'm new to this
area but have for example taken a course on network security. Anyway,
[ more ] [ reply ]