About site: Security/Honeypots and Honeynets - Anton Chuvakin Honeynet Research and Live Stats
  About site: http://www.chuvakin.com/honeynet/

Title: Security/Honeypots and Honeynets - Anton Chuvakin Honeynet Research and Live Stats
Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources.


This is websites2007.org cache of m/ as retrieved on 2008.09.07. websites2007.org's cache is the snapshot that we took of the page as we crawled the web. The page may have changed since that time.
Honeynet Status Data

Anton Chuvakin Honeynet

(run as a part of the Honeynet Research Alliance)

Temporarily down as of 12/06/2005

Goals of the project

- To learn about attacker techniques, methods and tools
- Test a SIM framework under realistic attack conditions
- Develop novel attack data analysis techniques for real-time correlation, anomaly detection and log data mining
- Study possibilities for statistical attack prediction
- Try various computer forensics tools to recover penetrated systems
- Experiment with various software and hardware configurations to accumulate attack statistics
- Collect Internet threat intelligence information

Progress of the Project

One honeynet has been deployed since March 2002. Here are some of the findings we made and things we learned:

- Quarterly report for IV 2002
- Quarterly report for I 2003
- Quarterly report for II 2003
- Quarterly report for III 2003
- Quarterly report for IV 2003
- Bi-annual report for 1/2 2004
- Bi-annual report for 2/2 2004 [03/28/2005]

Honeynet Architecture

Initial setup includes 3 servers on a separate high-speed connection. Network topology diagram is shown below:

1. Victim server (Linux, *BSD). Server is running www-apache/mail-sendmail/pop3/imapd/ftp/ssh-openssh/nfs/ntp/other services.
2. Firewall (using modified Honeynet project iptables script, remotely managed via ssh, logs forwarded to machine 3).
3. IDS and analysis machine (Snort NIDS, Snort Spade, Bro NIDS, Argus, tcpdump, ipaudit, Shadow NIDS collector for IDABench, Honeynet Research Alliance compliant logging, mysql database, ACID, ssh for management, SIM agent, protected by host-based iptables firewall from all accesses with the exception of analyst workstation [see picture]).

Data control, system management, alerting and information storing is to be implemented in strict compliance with the Honeynet Definitions, Requirements, and Standards document (http://project.honeynet.org/alliance/requirements.html).

Some honeynet research results

- [ready] Current Internet Worm profiles: MSBlaster, CodeRed, Slammer, Welchia. How much worm is out there...
- [ready] My Scan of the Month Challenge #30 created using honeynet data and my official write-up for it.

Live Honeynet Status Data

STATUS: running normal, all systems up, data collection up

- [ready] Top probed ports statistics (daily, weekly, monthly)
- Top attacked ports statistics (daily, weekly, monthly)
- [ready] Top Snort NIDS alarms (daily, weekly, monthly) detected at the honeynet
- Top probing IP addresses (daily, weekly, monthly)
- Top attacking IP addresses (daily, weekly, monthly)
- Top aggressive scanners (daily, weekly, monthly)
- Top attacking countries (daily, weekly, monthly)
- Honeynet traffic profile (weekly)

Papers describing my recent honeynet research and data analysis

- (06/18/2002) "Lessons of the Honeypot I: Aggressive and Careless" describes some of the lessons one can get from running a honeypot [published at SC Magazine web portal]
- (09/25/2002) "Lessons of the Honeypot II: Expect the Unexpected" outlines how honeynets and honeypots present an ultimate challenge in information security [published at SC Magazine web portal]
- (10/08/2002) "Whys and Hows of Honeynets and Honeypots" discusses issues in setting up and maintaining honeypots and honeynets, covers some of the honeynet data control and data capture requirements and touches on benefits from research honeypots in discovering attacks and attack patterns. [published in the ISSA "Password" magazine]
- (01/17/2003) "Honeypot Essentials" The paper describes the honeypot technology and how it can be used. [published in the "Journal of Information Systems Security"]
- (04/25/2003) "Days of the Honeynet: Attacks, Tools, Incidents" The paper covers some of the daily events happening in the honeynet - decoy network - run by the author [published at LinuxSecurity.com] Also featured on InfosecWriters.com
- (07/24/2003) "Honeynets: High Value Security Data" The article covers the types of data collected from the honeynet and its value for security [published in the Elsevier Compsec Online portal]

Presentations describing my recent honeynet research and data analysis

Implementing the Honeypot

My honeynet tools

- Bash shell UDP logger patch
- FreeBSD sh shell UDP logger patch

About the project

This honeynet is run by Anton Chuvakin, Ph.D., GCIA, GCIH as a part of the Honeynet Research Alliance. My PGP key can be found here.

Last modified: Tue Sep 06 22:59:50 Eastern Standard Time 2006
 
