UK Honeynet Project 

Honeynet Research Alliance bi-annual reports published.

mwcollect (malware collect) tool released by the German Honeynet Project. This is an new tool designed for the automated collection of malware, as documented in “KYE: Tracking Botnets” and several more papers. One of the first next generation client honeypots, it is designed to capture Windows worms and bot attacks without having to run a Microsoft OS.

Rootkit web sites taken down by DDoS attacks

The Honeynet Project has published a new Scan of the Month (SotM) challenge, number 34. This month’s challenge is to analyze a diverse set of logs captured on the honeypot by various monitoring and auditing systems in order to determine whether (and how) the honeypot was compromised.

Distributed Open Proxy Honeypot Project: “The WASC solution is to use one of the web attacker’s most trusted tools against him – the Open Proxy server. Instead of being the target of the attacks, we opt to be used as a conduit of the attack data in order to gather our intelligence. By deploying multiple, specially configured open proxy server (or proxypot), we aim to take a birds-eye look at the types of malicious traffic that traverse these systems. The honeypot systems will conduct real-time analysis on the HTTP traffic to categorize the requests into threat classifications outlined by the Web Security Threat Classification and report all logging data to a centralized location.”