www.computers.dmoz2007.org

Face Recognition hardware and software for computer network access and secure access applications.

Offers customized software security solutions for business.

Fingerprint identification and access control solutions provider and integrator in Malaysia.

Manufacturer of the PatriotBox HoneyPot server.

Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources.

Created to detect when anyone attempts a Back Orifice scan against your computer. Also detects attempted connections to other services, such as Telnet, FTP, SMTP, POP3 and IMAP2.

A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking

A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.
Using a pronounceable word algorithm, in order to make sure that the email address appears valid to any filters running on the crawler side. Through its web-based administrative interface, BASTED can generate reports about spam-mail received and usernames mailboxes generated by the php script, ascociate those results, report IP addresses of spammers and spamcrawlers, and last but not least, create abuse reports in the easiest fashion. BASTED is written in php and perl, and also requires a

An open proxy honeypot (proxypot) that pretends to be an open proxy. Designed primarily to catch the mail spammer.

This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips.

The Artemis Project (Chinese Honeynet Project).

A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.

Configuring and deploying Sink Hole Routers, which are the network equivalent of a honey pot.
And DDoS attacks. Global Footprint Headquartered in Chelmsford, MA, USA, Arbor has RD facilities in Ann Arbor, MI. Its EMEA operations are based in London, with its Asia operations in Singapore. Integrity and Compliance Program Please go towww.danaherintegrity for a copy of our Standards of Conduct or to make a report on the Danaher Integrity and Compliance Helpline..Terms And Conditions Of Use And Notices This web site is provided by Arbor Networks, Inc. (Arbor Networks) as a service to its

The goal of this project is to organize dispersed honeypots across the Internet and share findings with the security community.

Connection Redirection Applied to Production Honeypot.

A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.

GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
These are neutered versions of GHH. They look like our honeypots and will be indexed like our honeypots, however the real versions write attacker info to a log, these just output the HTML as a demo..At release GHH has seven honeypots available for the community to use. New Google Hacks are being discovered all the time and we are looking for developers to help create, test and submit new honeypots as they are available. Read up on the Developer FAQ and get to know the User Manual along with the

An Active Server Pages (ASP) compliant web server honey pot, that detects common attacks against web servers and logs the requests in a real-time viewer . It can recognize Buffer Overflows , Denial of

A tool for semi-automatically creating emulators of network server applications.

A platform independent low interaction client honeypot that allows identify rogue servers on the web.

A system for automated generation of signatures for network intrusion detection systems (NIDSs).

Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.

Honeyd configuration wizard, a SQL Interface, and reports.
Are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ,).

A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.

HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs.

Brazilian Honeypots Alliance. Includes tools to summaries honeyd logs, mydoom.pl (A perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot.
2002. Write up.Tecnicas de Oculta o de Tr fego de Rede em Honeypots de Alta Interatividade, Luiz Gustavo C. Barbato e Antonio Montes, Anais do VI Simp sio sobre Seguran a em Inform tica (SSI& ,2004), (S o Jose dos Campos, SP), Novembro de 2004. PDF Abstract Resumo BibTeX PDF presentation.SMaRT Resultados da Monitora o de Atividades Hostis em uma M quina Preparada para ser Comprometida, Luiz Gustavo C. Barbato e Antonio Montes, I WorkComp Sul - Unisul - Universidade do Sul de Santa Catarina,

Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.
Recently migrated to a new, public webserver. This new system is based on Drupal, allowing our members a more interactive system, such as blogging and maintaining their own chapter pages. Please use the menu at the home page to find the content you are looking for. If you are looking for old files or links, you can still find our old content archived at http old.honeynet. If you have any questions or suggestions, please email project@honeynet. Thanks!.

A weblog about with IT-security, honeypots, and honeynets.
To be supported by some evidence of feasibility or preliminary quantitative results. Important dates.Recently I recorded a longer podcast together with Tim Pritlove on malware and botnets. It was published a few days ago as Chaosradio Express 155. The podcast is in German and lasts for about 2.5 hours. The podcast is available at http chaosradio.ccc.de cre155.html and you can also get it via iTunes. Here the German description Malware hat sich in den letzten 10 Jahren von einem Forschungsfeld zu

Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.

Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensi

White papers, mailing list and other resources related to honeypots.
Solve depends on how you build deploy and use them..If you are interested in learning more about honeypots and honeypot related technologies, you may want to consider joining the Honeypot maillist. A lightly moderated maillist, this forum is open to the public to discuss honeypots, what they are, how they work, and other related issues. If you want to cruise the archives, you can find them online here..

Index of over 75 papers on Honeypots.
Adversaries during and after exploitation of a honeypot. Deploying physical honeypots is often time intensive and expensive as different operating systems require specialized hardware and every honeypot requires its own physical system. This paper presents Honeyd, a framework for virtual honeypots, that simulates virtual computer systems at the network level. The simulated computer systems appear to run on unallocated network addresses. To fool network fingerprinting tools, Honeyd simulates the

A honeynet gateway on a bootable CDROM.

Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming
Impost uses Perl as it scripting engine. Perl is very common on most systems and is very easy to learn. When making a script to control Impost behaviour for client server communication, every script is required to have these 2 sub routines.Without these sub routines, Impost will not function properly! The on_server_accept sub routine is called everytime a new connection is established. The function receives two arguments, $_ 0 is the I.P. address of the connecting client, and $_ 1 is the file

This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments.

A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans.
Learn about malicious attackers (hereafter called intruders) and their tactics. Honeypots have proven their value in this area. For example, using honeypots, the Honeynet Project (http www.honeynet) learned that the majority of attacks are automated by malicious mobile code (i.e., viruses, worms, and Trojan horses) and scripts. Although manual attacks aren t as common, patient intruders will find exploitable holes. Using honeypots, the project members uncovered complex intruder undergrounds

An Introduction to second generation honeynets (honeywalls).
This new system is based on Drupal, allowing our members a more interactive system, such as blogging and maintaining their own chapter pages. Please use the menu at the home page to find the content you are looking for. If you are looking for old files or links, you can still find our old content archived at http old.honeynet. If you have any questions or suggestions, please email project@honeynet. Thanks!.

A program that creates a tarpit or, as some have called it, a "sticky honeypot".
Sell you .).

A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwc

A low interaction honeypot designed to emulate vulnerabilties worms use to spread, and to capture these worms.

Netbait Commercial Honeypot.
Once it is implemented on your site, you can create your own private and company-specific functionality that would execute any range of tasks..Will it create additional security risks? The NetBait platform poses no security risk to any network infrastructure by default. That said, there are certain rules implementing no risk functionality, including no active services, no remote administration, no local access, and configuration reload only from NetBait Enterprise. If these rules are ignored

Papers and information on honeypots, especially application layer, e.g. PHP applications, from the New Zealand branch of the Honeynet project (http://www.honeynet.org/).

Philippine Honeynet Project. Includes transcript of a VMWare Honeynet using Windows XP / Windows 2000 as the base OS.

Information on their honeypot farm using HoneyMole.

A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites.
Messages we receive and share the resulting corpus with anti-spam developers and researchers. The data participants in Project Honey Pot will help to build the next generation of anti-spam software. Project Honey Pot was created by Unspam Technologies, Inc an anti-spam company with the singular mission of helping design and enforce effective anti-spam laws. We are always looking to partner with top software developers and enforcement authorities. If there is some way we can help you fight spam,

Incident analysis for a compromised default honeypot installation of RedHat Linux 6.2. Includes design, configuration and log details for the compromised machine.

SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).
And support various FTP commands, depending on their application requirements. The Ethernet communication module of the PLC typically runs an embedded operating system that includes standard network protocol as well as implementations of industrial network protocols such as Modbus TCP or EtherNet IP. For example, telnet and FTP servers are common and have identifying information which can be used to determine the vendor and version of software. Even on the industrial protocol side, we saw that

Directory of articles, white papers, and documents on honeypots and other security topics.

This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer.
End of Support Life is July 31, 2011. Assure uninterrupted technical support by upgrading or purchasing a Support Extension..

A honeypot system and "Honeypot Exchange Program."

A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data.
Geomajas Geomajas is a web mapping GIS software with full vectorial editing capabilities, and support for custom attribute relation models in the browser. It has built-in support for any type of query, selection, filtering, snapping, printing, ..Q Light Controller Q Light Controller is a cross-platform application to control DMX or analog lighting systems like moving heads, dimmers, scanners and other effects. Our goal is to replace expensive and somewhat limited hardware lighting desks with

Member site of Honeynet Project's Honeynet Research Alliance

Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.
WWW Robots (also called wanderers, spiders, crawlers, or bots) are programs that crawl the Web continually retrieving linked pages. When a spammer bot visits your website, blog, forum, etc, all pages and sites linked to it will be searched looking for email addresses. Now you can fight back against their robots! All you have to do is link to this page so that whenever a spammer robot scans your page, it will be sucked into this one. To link to this page, just use this simple code.

Independent non-profit research organization of security professionals dedicated to information security focused on honeynet technologies.

A collection of programs to deploy, run and analyse network and host simulations in IP networks.

Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots.

LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper)

Describes different commercial and freeware honeypots.
Insecurity.All rights reserved.

A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event
Mistyped the address you were looking for. Please use the navigation links on the left to find the page you are looking for, or click on the big red Welsh dragon to make your way to our home page!.Team Cymru 16W361 S. Frontage Road Suite 100 Burr Ridge, IL 60527 USA.

A simple honey pot program based on iptables redirects and an xinetd listener.

Provides information surrounding security threats and vulnerabilities active in the wild on UK networks. Home of Honeysnap, tool to analyse Honeywall pcap files and extract summary information.

Information on deploying a Virtual Honeynet based on Honeywall using VMware.

WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application
Getting industry leading knowledge..At Maven we use a blend of automated and manual testing to make sure that you get good value and maximum coverage of the threat profile. Every engagement is different, but some of the usual suspects are.For full details of how our testing methodology would help secure your specific application, please contact us. We look forward to helping you secure you secure your Internet or intranet applications..All Rights Reserved.Remote Security Testing for Web

Document outlines the weaknesses of different existing approaches to catch malware – especially bots – and shows how Medium Interaction Honeypots solves these problems. [PDF] (April 7, 200