|
 Ga naar: Overzicht van publicaties van The Honeynet Project
Het Honeynet Project verricht onderzoek naar computercriminaliteit door "lokcomputers" oftwel "honeypots" over te laten nemen door computercriminelen en te bestuderen wat er vervolgens gebeurt. Onderstaand het overzicht van artikelen die voor april 2005 online werden gepubliceerd, volg de link voor het meest recente overzicht. Know Your Enemy: Phishing - 17 May, 2005
This paper documents how attackers build and use their infrastructure for Phishing based attacks. This highly technical and indepth paper is based on data captured and analyzed from the UK and German Honeynet Project. Know Your Enemy: Honeywall CDROM - 17 May, 2004
This paper introduces you to the concepts of the Honeywall CDROM, a bootable Honeynet gateway. Anyone wanting to deploy a honeynet should seriously consider this solutions, as it standardizes deployments and combines all of our tools, including data control, data capture, and data analysis. Know Your Enemy: Tracking Botnets - 14 March, 2005
This paper documents discusses what Botnets are, who is using them, how, and why. It also introduces the tools 'mwcollect' and 'drone' which can be used for collecting malware and tracking Botnet activity. Know Your Enemy: Trends - 21 December, 2004
This paper documents how over the past several years, the life expectancy has dramatically increased for unpatched or vulnerable Linux systems. The purpose of this paper is to make you ask "Why is no one hacking Linux anymore?". Know Your Enemy: Honeywall CDROM - 07 May, 2004
This paper introduces you to the concepts of the Honeywall CDROM, a bootable Honeynet gateway. It then demonstrate in detail how the CDROM is configured, deployed, and the internal mechanisms. Anyone want to deploy a honeynet should seriously consider this solutions, as it standardizes deployments via an appliance. Know Your Enemy: Honeynets in Universities - 26 April, 2004
This paper covers how academic institutions can deploy honeynets in their networks. We cover the lessons learned from GA Tech deploying a honeynet on their internal .edu network, how they got permission, and the successes they had. The purpose of this paper is to make it easier for any university or college to deploy a honeynet, for either research or operational activity. Know Your Enemy: Sebek - 17 November, 2003
A detailed look into one of the Project's primary tools for an attacker's activity on a honeypot, even encrypted activity, such as SSH, burneye, and IPSec. This paper covers what Sebek is, its value, how it works, strengths and weaknesses, and how to analyze data recovered by Sebek. Profiles - Automated Credit Card Fraud - 10 July, 2003
A look at just how easy, automated, and wide spread credit card fraud and identity theft has become, even amongst unskilled individuals. Know Your Enemy: GenII Honeynets - 03 November, 2003
This papers describes step-by-step how to build, deploy, and test a 2nd generation (GenII) Honeynet using the latest technologies. GenII Honeynets are considered easier to deploy, harder to detect, and safer to maintain then the original GenI technologies. Know Your Enemy: Honeynets - 12 November, 2003
This paper is an overview of the concepts, values, risks, and issues of Honeynets. This paper does not discuss the technical details of Honeynet technologies. Know Your Enemy: Defining Virtual Honeynets - 27 January, 2003
This paper defines what a Virtual Honeynet is, its advantages and disadvantages, and the different way they can be deployed. Know Your Enemy: Learning with User-Mode Linux - 20 December, 2002
This paper explains step by step how to build a GenI virtual Honeynet using OpenSource software. Deploy a complete Honeynet using nothing more than an old 486 computer and free software! NOTE: This paper is no longer actively maintained. Know Your Enemy: Passive Fingerprinting - 04 March, 2002
This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive sniffer traces only. NOTE: This paper is no longer actively maintained. Know Your Enemy: Motives - 27 June, 2000
This paper studies the motives and psychology of a group of simple attackers, all in their own words. NOTE: This paper is no longer actively maintained. Know Your Enemy: Statistics - 23 July, 2001
This paper analyzes eleven months of data collected by the Honeynet Project. Based on this data, we demonstrate just how active the blackhat community is. We also demonstrate that it may be possible to predict future attacks. NOTE: This paper is no longer maintained and is considered out of date. Know Your Enemy: A Forensics Analysis - 23 May, 2000
This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we pieced the information together. The purpose is to give you the skills necessary to analyze and learn on your own the threats your organization faces. NOTE: This paper is no longer actively maintained. Know Your Enemy: Worms at War - 7 November, 2000
See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project. NOTE: This paper is no longer actively maintained. Know Your Enemy: III - 27 March, 2000
What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that was compromised, with system logs and keystrokes to verify each step. NOTE: This paper is no longer maintained and is considered out of date. Know Your Enemy: II - 18 June, 2001
How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. NOTE: This paper is no longer maintained and is considered out of date. Know Your Enemy - 21 July, 2000
The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can better protect your systems and network.
Commentaar |
 |
|
