Capture-HPC Version 2.5 Released

Tuesday, September 2. 2008
In recent years and months, we have observed a shift in how attackers compromise systems: since operating systems are getting better and better, client-side attacks are on the rise ("0wning the client is the new black"). Therefore we need a different kind of honeypot to learn more about this kind of attack. Instead of using "classical" honeypots, with which you typically detect attacks against server applications, different people began to develop client-side honeypots that can detect attacks targeting client applications: for example, we can detect malicious web sites that attack the visitor's web browser.

One example of such a client-side honeypot is Capture-HPC. Today version 2.5 of Capture-HPC has been released. Capture-HPC is released under the terms of the GNU General Public License, v2. You can download the tool at https://projects.honeynet.org/capture-hpc/wiki/Releases. More information about client-side honeypots is available in Chapter 8 of our book Virtual Honeypots.

In the next few weeks, I'll report on more results we obtained with client-side honeypots: we now have six Capture-HPC clients running at our lab that examine spammed URLs.