Honeynet Research Alliance bi-annual reports published.
Archive for April, 2005
mwcollect (malware collect) tool released by the German Honeynet Project. This is an new tool designed for the automated collection of malware, as documented in “KYE: Tracking Botnets” and several more papers. One of the first next generation client honeypots, it is designed to capture Windows worms and bot attacks without having to run a Microsoft OS.
Distributed Open Proxy Honeypot Project: “The WASC solution is to use one of the web attacker’s most trusted tools against him – the Open Proxy server. Instead of being the target of the attacks, we opt to be used as a conduit of the attack data in order to gather our intelligence. By deploying multiple, specially configured open proxy server (or proxypot), we aim to take a birds-eye look at the types of malicious traffic that traverse these systems. The honeypot systems will conduct real-time analysis on the HTTP traffic to categorize the requests into threat classifications outlined by the Web Security Threat Classification and report all logging data to a centralized location.”