http://www.honeynet.org Honeynet Project en-us http://www.honeynet.org The Honeynet Project and Capture-HPC v2.5.1 . Capture-HPC is an innovative security product that is able to find and investigate the increasing problem of client-side computer attacks. This new software release aims at further improving the speed and scalability of the software allowing for large scale deployments of client honeypots. It is written and distributed under the GNU General Public License, v2. Capture-HPC is a computer security product that allows anyone to: investigate client-side computer attacks; security researchers to find and study malicious servers; virus and malware researchers to collect malware pushed by malicious servers; network administrators to monitor their systems for client-side attacks; and web site operators to monitor their web sites for unauthorized modifications with client- side attack code. 08 Sep 2008 00:00:01 GMT http://www.honeynet.org We would like to announce the release of honeywall@public.honeynet.org . 06 Jun 2008 00:00:01 GMT http://www.honeynet.org Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as snort rules and can be used to defend a network from future intrusion attempts. Nebula is developed by the Giraffe Chapter. 27 May 2008 00:00:01 GMT http://www.honeynet.org The Honeynet Project and Capture-HPC v2.1 . Capture-HPC is an innovative securityproduct that is able to find and investigate the increasing problem ofclient-side computer attacks. This new software release increases thefeatures and speeds performance allowing anyone to investigate a largerrange and quantity of client-side computer attacks. It is written and distributed under the GNU General Public License, v2 27 Mar 2008 00:00:01 GMT http://www.honeynet.org We are excited to announce a new mirrorin France, http://honeynet.click-internet.fr. 27 Feb 2008 00:00:01 GMT http://www.honeynet.org We are excited to announce the release of the newtool Honeynet Project Australian Chapter .Tracker facilitates the identification of abnormal DNSactivity. It will find domains that are resolving to a large number ofIP's in a short period of time then continue to track those hostname->IPmappings untill either the hostname nolonger responds or the user decidesto stop tracking that hostname. Really efficient at finding fast-flux domains and other dodgy A-Record rotations 23 Feb 2008 00:00:01 GMT http://www.honeynet.org We are excited to announce the additionof the Honeynet Project Australian Chapter , led by Shaun Vlassis 10 Feb 2008 00:00:01 GMT http://www.honeynet.org We are excited to announce the additionof the Honeynet Project Czech Chapter , led by David Vorel 07 Feb 2008 00:00:01 GMT http://www.honeynet.org We are excited to announce the releaseof our latest KYE paper, KYE Lite: Proxy Threats - Socks v666 .This paper is our first ever 'KYE Lite' paper. These are shorter papers that focus on veryspecific topics. In this paper we discuss: the basic operational concept of how reverse tunnel proxies work, a new customized control protocol in use, the advantages to the criminal community, a detailed example and it's similarities to legacy SOCKS protocols, and how this activity can be further identified including mitigation strategies 29 Jan 2008 00:00:01 GMT http://www.honeynet.org We are thrilled to announce a newChapter on the team, the Malaysian Chapter . Led by Meling Mudin, we are excited to havehim and his members on board. 22 Jan 2008 00:00:01 GMT http://www.honeynet.org Dooh! A bit late, but team member David Watson presented on Global DistributedHoneynets (GDH) at PacSec, 2007. Check out what Dave has planned forthe near future 17 Jan 2008 00:00:01 GMT http://www.honeynet.org The Spanish Honeynet Project has released their own papertitled in Spanish . Gracias 13 Jan 2008 00:00:01 GMT