< CWSandbox vs. Click-Fraud Trojans | Call for Paper: 16th USENIX Security Symposium >

Hack In The Box 2006 Honeypot Summary

I'm now back from Hack In The Box 2006, the largest security conference in Asia. It was a really nice conference and if you have some time next year, you should go there and enjoy the conference!

From a honeypot point of view, there were three interesting presentations:
  1. Michael Davis - "Client Honeypots - Its not only the network": he did a presentation about client-side honeypots, i.e., honeypots that are able to learn more about attacks against client applications like web browsers or e-mail clients. This kind of honeypots typically searches for malicious content, e.g., by crawling the web. The presentation contains links to the four most prevalent client-side honeypot solution available for now.
  2. Nguyen Anh Quynh - "Towards an Invisible Honeypot Monitoring Tool": the presentation by Nguyen was about Xebek, a monitoring solution for honeypots based on Xen. It overcomes most of the weaknesses by Sebek, and he plans to publish it in the near future (hopefully).
  3. Thorsten Holz - "Playing with Botnets for Fun and Profit": my presentation dealt with nepenthes, CWSandbox, and some economic aspects of botnets.

All slides are now available at the material site.
This entry was posted by Thorsten Holz on Monday, September 25. 2006 at 19:13. and is filed under honeynets. You can leave a response, or trackback from your own blog. All new comments are subject to moderation before being displayed.

Trackbacks

Trackback specific URI for this entry

    No Trackbacks

Comments

Display comments as (Linear | Threaded)

    No comments


Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA
 
Submitted comments will be subject to moderation before being displayed.