UK Honeynet Project 

The European Network of Affined Honeypots: A new EU funded honeynet group has started, made up mostly of Greek and Dutch members to date. “NoAH is an EU co-funded project which will take a step towards achieving an active and more complete approach to networks and systems security. The goal of NoAH is to produce a design study and perform the necessary technical work towards the development of an infrastructure for security monitoring, based on honeypot technology. They are looking for people who are in the area of systems administration, security or research to help them by completing their questionnaire. The questions are not mandatory and can be completed anonymously.” For more information see: http://www.fp6-noah.org/

Roo online manuals updated: the online manuals for the Honeynet Project’s GenIII Honeywall CDROM have been significantly updated, including a new section on analysis using the Walleye interface: http://www.honeynet.org/tools/cdrom/roo/manual/6-analysis.html

Honeyclients: Kathy Wang presented her work on honeyclients at RECON (http://www.recon.cx) on Saturday: http://www.honeyclient.org

DFRWS 2005 Forensic “Memory Analysis” Challenge: “Memory analysis is one of the primary themes of the 2005 Digital Forensics Research Workshop (DFRWS). In an effort to motivate discourse, research and tool development in this area, the Organizing Committee has created the intrusion/intellectual property theft scenario detailed at http://www.dfrws.org/2005/challenge/. This memory challenge is open to all, and team efforts are encouraged. An award will be given to the group that extracts the most information from the memory dumps, and the quality of documentation and novelty of techniques will be considered when choosing the winner. Network traffic associated with this intrusion will be made available during the workshop.”

Honeynet Project Add Individual Whitepapers: the Honeynet Project have added a section to their public web site for non-KYE whitepapers by individual members of the Honeynet Project Research Alliance: http://www.honeynet.org/papers/ This should be a useful resource for researchers and the community. Hopefully external and peer reviewed papers will also be added shortly.

Microsoft Honeymonkeys: Microsoft’s honeymonkeys initiative is in the news and generating a lot of interest: http://www.newscientist.com/channel/info-tech/dn7400 “…out code designed to attack a computer and will sound an alarm if any code is executed in contravention of a machine’s security settings, or if key system-parameters are unexpectedly altered. They use a software forensics package called Strider, previously created by Microsoft researchers to detect such changes.” More details here and should be interesting: http://research.microsoft.com/sm/strider/
http://www.research.microsoft.com/asia/dload_files/group/system/2003/LISA.pdf

Honeynet Research Alliance bi-annual reports published.

Project Honey Pot is an attempt to create a distributed system for tracking spammers who harvest email addresses by web site crawling. Install the software on your web server and unique mail addresses are created to link the attacker IP and time to recieved spam.