Honeypots and Honeynets (71)
 Honeynet.org: Tracking Botnets   - Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them. - http://www.honeynet.org/papers/bots/ 
Chinese Honeynet Project - The Artemis Project (Chinese Honeynet Project). - http://www.honeynet.org.cn
Honeycomb - A system for automated generation of signatures for network intrusion detection systems (NIDSs). - http://www.cl.cam.ac.uk/~cpk25/honeycomb/index.html
Deploying and Using Sinkholes - Configuring and deploying Sink Hole Routers, which are the network equivalent of a honey pot. - http://www.arbornetworks.com/dmdocuments/Sinkhole_Tutorial_June03.pdf
Open Proxy Honeypot - Web Application Security Consortium Distributed Open Proxy Honeypot Project. - http://www.webappsec.org/projects/honeypots/
Honeyclient Development Project - Honeyclient news, downloads, and information. - http://www.honeyclient.org/trac
SecurityFocus: Microsoft looks to "monkeys" to find Web threats - Article discussing how Microsoft have developed a series of Windows XP clients, dubbed "honeymonkeys", that crawl the Web finding sites that use unreported vulnerabilities to compromise unsuspecting users. - http://www.securityfocus.com/news/11173
French Honeynet Project - The French Honeynet Project is a non-profit, all volunteer group dedicated to honeynet research. - http://honeynet.rstack.org/
Know Your Enemy: Learning more about phishing - A detailed analysis of phishing through compromised web servers. - http://www.honeynet.org/papers/phishing/details/index.html
HoneyC Low-Interaction Client Honeypot - A platform independent low interaction client honeypot that allows identify rogue servers on the web. - http://honeyc.sourceforge.net
The Bait and Switch Honeypot System - A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data. - http://baitnswitch.sourceforge.net/
UK Honeynet Project - Provides information surrounding security threats and vulnerabilities active in the wild on UK networks. Home of Honeysnap, tool to analyse Honeywall pcap files and extract summary information. - http://www.ukhoneynet.org/
New Zealand Honeynet project - Papers and information on honeypots, especially application layer, e.g. PHP applications, from the New Zealand branch of the Honeynet project (http://www.honeynet.org/). - http://www.nz-honeynet.org
Medium Interaction Honeypots - Document outlines the weaknesses of different existing approaches to catch malware – especially bots – and shows how Medium Interaction Honeypots solves these problems. - http://www.pixel-house.net/midinthp.pdf
Nepenthes - A low interaction honeypot designed to emulate vulnerabilties worms use to spread, and to capture these worms. - http://nepenthes.mwcollect.org/
The Portuguese Honeynet Project - Information on their honeypot farm using HoneyMole. - http://www.honeynet-pt.org
SécurIT - LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper) - http://securit.iquebec.com/
Anton Chuvakin Honeynet Reseach and Live Stats - Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources. - http://www.chuvakin.com/honeynet/
Philippine Honeynet Project, Philippines - Philippine Honeynet Project. Includes transcript of a VMWare Honeynet using Windows XP / Windows 2000 as the base OS. - http://www.philippinehoneynet.org
Honeypots: Tracking Hackers - White papers, mailing list and other resources related to honeypots. - http://www.tracking-hackers.com/
The Strider HoneyMonkey Project - Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots. - http://research.microsoft.com/HoneyMonkey/
KeyFocus - KF Sensor - Honey pot IDS - A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans. - http://www.keyfocus.net/kfsensor/
Honeybee - A tool for semi-automatically creating emulators of network server applications. - http://www.thomas-apel.de/honeybee/
mwcollect - A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwcollect cannot actually be infected with the malware. - http://www.mwcollect.org
Know your Enemy: Phishing - This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project. - http://www.honeynet.org/papers/phishing/
thp - Tiny Honeypot - A simple honey pot program based on iptables redirects and an xinetd listener. - http://www.alpinista.org/thp/
SecurityFocus: Defeating Honeypots: System Issues, Part 1 - This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer. - http://www.securityfocus.com/infocus/1826
GHH - The "Google Hack" Honeypot - GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine. - http://ghh.sourceforge.net/
Honeypotting: The Complete Documentation - Index of over 75 papers on Honeypots. - http://l0t3k.org/security/docs/honeypotting/en/
Sombria Honeypot System - A honeypot system and "Honeypot Exchange Program." - http://www.lac.co.jp/business/sns/intelligence/sombria_e.html
Honeyd Control Center - Honeyd configuration wizard, a SQL Interface, and reports. - http://zope.org/Members/Ioan/HoneydCenter
Project Honey Pot: Distributed Spam Harvester Tracking Network - A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites. - http://www.projecthoneypot.org/
Building a GenII Honeynet Gateway - This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips. - http://www.honeynet.org.es/papers/honeywall/
Installing a Virtual Honeywall using VMware - This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments. - http://www.honeynet.org.es/papers/vhwall/
Spampoison - Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots. - http://www.spampoison.com/
The Team Cymru Darknet Project - A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event network forensics. - http://www.cymru.com/Darknet/
Spanish Honeynet Project - Independent non-profit research organization of security professionals dedicated to information security focused on honeynet technologies. - http://www.honeynet.org.es
SecurityFocus: Defeating Honeypots - Network issues, Part 1 - Article discussing methods hackers use to detect honeypots. - http://www.securityfocus.com/infocus/1803
spank - A collection of programs to deploy, run and analyse network and host simulations in IP networks. - http://spank.sourceforge.net/
WebMaven (Buggy Bank) - WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application security scanners and as a Honeypot. - http://www.mavensecurity.com/webmaven
Impost - Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the com - http://impost.sourceforge.net/
Basted - A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites. - http://basted.sourceforge.net/
|