Archive for January, 2008

New release of the Honeywall CDROM

Friday, January 4th, 2008

There’s a new (beta) release of the Honeynet Project’s “Honeywall” CDROM out. This release (1.3b) fixes some bugs but the main change is a move from the no longer supported Fedora Core 6 platform to CentOS 5. This should give us less work keeping the base platform up to date and more time to work on adding cool new features 🙂

We’ve also moving to a more open development model for the CDROM. Although it’s always been GPL’d, the development processes has been closed and it’s been hard for outsiders to add features/hack code. I’m pleased to say that that’s now changed, and there’s a new Trac site with a svn tree, wiki and all the usual stuff. The Honeywall public mailing list is also still available.

Cool stuff that will be coming in the future includes a move to hflow2 for better flow decoding and analysis and changes to the build processes to make it easier to use.

Credits: Earl Sammons, Rob McMillen and myself did the CentOS port. Steve Mumford and Dave Watson did all the work in setting up our new infrastructure to enable more open development.

Honeynet Project restructuring and elections

Friday, January 4th, 2008

The Honeynet Project has recently completed a major internal restructuring, which sees the end of the Research Alliance and a move to a new Chapter based membership model (for example, we become the Honeynet Project’s UK Chapter). You can find out more about the new organisation, it’s bylaws and further membership information here.

As part of this restructuring process, active Honeynet Project members have elected a new Board of Directors and assigned various operational positions for the next three years. This includes David Watson from the UK group, who becomes a Honeynet Project Director and it’s Chief Research Officer.

With the restructuring process now complete, we are looking forward to getting back to honeynet research and development. A second, larger phase of our Global Distributed Honeynet (GDH) is already planned for 2008, along with more collaboration with other active security research groups.