Archive for November, 2007

“Web application attacks” article published in Network Security (Part 2)

Tuesday, November 20th, 2007

The November edition of Elsevier’s Network Security publication contains the second part of an article on web application attacks, written by David Watson of the UK Honeynet Project. It can be downloaded as part of their current free online trial (as can a previous article on Honeynets as Counter-intelligence tools).

Honeynet Project mentioned in UK Guardian

Monday, November 19th, 2007

In his weekly “Dork Talk” column in the Guardian, this week Stephen Fry talks about the Storm worm. He cites the Honeynet Project amongst other sources (in particular, he’s citing the recent fast flux paper, though he doesn’t quote it explicitly) and refers to us as “the good guys”, thus, as I am a regular Guardian reader, making my day.

The article is not technical and, as you would expect from Fry, very well written. A good one to pass on to relatives, managers and other interested but not techy types.

KYE: “Behind the Scenes of Malicious Web Servers” released

Wednesday, November 7th, 2007

The Honeynet Project released a new Know Your Enemy: “Behind the Scenes of Malicious Web Servers” white paper today, which follows up on recent publications about malicious web sites and attacks against common web clients.

Abstract:

“In this paper, we increase our understanding of malicious web servers through analysis of several web exploitation kits that have appeared in 2006/07: WebAttacker, MPack, and IcePack. Our discoveries will necessitate adjustments on how we think about malicious web servers and will have direct implications on client honeypot technology and future studies.”

Lots of crossover with recent UKHP activity and well worth a read.