HIHAT (High Interaction Honeypot Analysis Toolkit) - Update
Friday, August 3. 2007
A few days ago, Michael Müter released an update of his implementation for the diploma thesis on web-decoys at http://hihat.sourceforge.net/.
Features: HIHAT ...
Features: HIHAT ...
- automatically scans for known attacks.
- provides an overview mode which allows you to look for new incidents quickly.
- supports detailed information about all data correlated with every access to the honeypot.
- This includes but is not limited to HTTP-GET, HTTP-POST and COOKIE data.
- saves copies of malicious tools in a secured place for later analysis.
- provides a geographical, IP-based mapping about the attack sources.
- generates numerous statistics about all traffic recognized at the system.
".
