The November edition of Elsevier’s Network Security publication contains the second part of an article on web application attacks written by David Watson of the UK Honeynet Project and can be downloaded as part of their current free online trial (as can a previous article on Honeynets as Counter-intelligence tools).
The Honeynet Project released a new Know Your Enemy: “Behind the Scenes of Malicious Web Servers” white paper today, which follows up on recent publications about malicious web sites and attacks against common web clients.
Abstract:
“In this paper, we increase our understanding of malicious web servers through analysis of several web exploitation kits that have appeared in 2006/07: WebAttacker, MPack, and IcePack. Our discoveries will necessitate adjustments on how we think about malicious web servers and will have direct implications on client honeypot technology and future studies.”
Lots of cross over with recent UKHP activity and well worth a read.
The October edition of Elsevier’s Network Security publication contains part one of an article on web application attacks written by David Watson of the UK Honeynet Project, with the second part to follow in November.
The Honeynet Project has released a new Know Your Enemy white paper on malicious websites and attacks against web browsers: “In this paper, we take an in-depth look at malicious web servers that attack web browsers, and we evaluate several defensive strategies that can be employed to counter this threat of client-side attacks. All the malicious web servers identified in this study were found with our client honeypot Capture-HPC”. This paper contains lots of interesting web attack related material.
http://www.honeynet.org/papers/mws/
The Honeynet Project have released a new KYE white paper. KYE: Fast-Flux Service Networks describes how attackers are developing more robust and scalable networks for delivering cyber-crime, based on networks of compromises hosts with rapidly changing DNS records and layers of proxy server redirection.
‘Honeynets: a tool for counterintelligence’ published by Elsevier’s Network Security magazine (David Watson - item #4).
Camouflaging Honeyd: A method for camouflaging honeyd has been released by Bryan Graham and Xinwen Fu: http://students.cs.tamu.edu/xinwenfu/honeyd_tamu/
Honeypots against Spam: Details of a second warrant for a case where proxypot/honeypot information was significant: http://www.proxypot.org/yui.pdf