Honeypots (honeypots) Mailing List

Re: Stealth VM

Mon, 6 Oct 2008 07:52:08 -0400

Posted by Michael Bailey on Oct 6

We discussed the extent of and several techniques for honeypot
fingerprinting in our paper "Towards an Understanding of Anti-
virtualization and Anti-debugging Behavior in Modern Malware" (http://www.eecs.umich.edu/~mibailey/publications/dsn08_final.pdf
). Techniques for...

Stealth VM

Mon, 6 Oct 2008 08:20:09 +0100

Posted by Stuart Gilchrist-Thomas on Oct 6

Hi,

Does anyone have any pointers to evidence or advice on hiding or reducing the detection of VM honey pots. I know of temporal issues e.g. Timing metrics can give away a VM, and that you can manually alter peripheral identities e.g. virtual network cards etc.
I've also created a company to...

Re: Honeypot VMs

Tue, 23 Sep 2008 17:40:38 -0400

Posted by Jason Lewis on Sep 23

I should have mentioned I'm using roo from The Honeynet Project.
https://projects.honeynet.org/honeywall/

I saw that someone had a VM with nepenthes
(http://www.sparsa.org/node/23) and wondered if anyone else had created
ready to go VMs. It would save me some time.

jas

Jason Lewis wrote:
...

Honeypot VMs

Tue, 23 Sep 2008 14:54:21 -0400

Posted by Jason Lewis on Sep 23

Are there any honeypot VM resources? I've seen the SPARSA one, but the
link is dead.

jas
Received on Sep 23 2008

Picviz 0.3 released

Sat, 20 Sep 2008 10:22:31 +0200 (CEST)

Posted by Sebastien Tricaud on Sep 20

Picviz 'good coffee' 0.3 is *out*.
...to have a good coffee, we must filter it!

What is Picviz ?
================

Picviz is a parallel coordinates plotter, written to help people
finding a needle in a haystack when dealing with numerous events
on their system and struggling to maintain an...

Hack.lu 2008 update

Wed, 10 Sep 2008 13:51:46 +0200

Posted by hack.lu 2008 on Sep 10

Hi all,

Hack.lu 2008 is getting closer and closer.

Find hereafter the line-up of speakers and talks for this year's event:

Saumil Shah - Browser Exploits - A new model for Browser security
Roelof Temmingh - Investigating individuals and groups using open source
intelligence
Paul Craig -...

Release of Client Honeypot Capture-HPC v2.5.1

6 Sep 2008 19:57:55 -0000

Posted by christian.seifert_at_gmail.com on Sep 6

('binary' encoding is not supported, stored as-is) The Honeynet Project (http://www.honeynet.org) and School of Mathematics, Statistics and Computer Science at Victoria University of Wellington (http://www.mcs.vuw.ac.nz/) are excited to announce the release of Capture-HPC v2.5.1. Capture-HPC is...

RUXCON 2008 Final Call For Papers

Tue, 2 Sep 2008 05:14:34 +0000 (UTC)

Posted by cfp_at_ruxcon.org.au on Sep 2

RUXCON 2008 FINAL CALL FOR PAPERS

Ruxcon would like to announce the final call for papers for the fifth annual
Ruxcon conference.

This year the conference will take place over the weekend of
29th to the 30th of November.

As with previous years, Ruxcon will be held at the University of
...

PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 1213) and BA-Con 2008 Speakers (Sept. 30 Oct. 1)

Tue, 26 Aug 2008 13:02:25 -0700

Posted by Dragos Ruiu on Aug 26

Spanish url: http://ba-con.com.ar/speakers.html?language=es

Speaker list and Dojos for BA-Con, September 30, October 1st.
(all presentations in both Spanish and English)

Presentations:

WPA/WPA2: how long is it gonna make it - Cédric Blancher & Simon Maréchal,
...

Picviz 0.2 is out!

Thu, 7 Aug 2008 14:39:58 +0200 (CEST)

Posted by Sebastien Tricaud on Aug 7

Release note for Picviz 0.2
===========================

Picviz is a parallel coordinates plotter which enables easy scripting from
various input (tcpdump, syslog, iptables logs, apache logs, etc..) to visualize
your data and discover interesting results quickly.

Picviz helps you to create,...