BSides Lisbon 2016 - MTLS in a Microservices World by Diogo Mónica

Jul 21 2016

Honeypots workshop at Defcon 24

I am very happy to announce that a honeypots workshop will take place during DEFCON 24 in Las Vegas.

The workshop is titled “Analyzing Internet Attacks with Honeypots“, lasts half a day (4 hours) and will be presented by me.

It takes place on Friday the 5th of August, from 2PM to 6PM at Las Vegas Ballroom 3.

Registration instructions:

Here is the workshop’s description:

In the field of computer security, honeypots are systems aimed at deceiving malicious users or software that launch attacks against the servers and network infrastructure of various organizations. They can be deployed as protection mechanisms for an organization’s real systems, or as research units to study and analyze the methods employed by human hackers or malware. In this workshop we will outline the operation of two research honeypots, by manual deployment and testing in real time. For example, here is a random article we could setup honeypots on: socks for circulation problems. See what we did here? We simply link to the articles after putting our honeypot software on them. Then bots and crawlers see the articles and any software may attempt to interact with the server that website is hosted on. A honeypot system will undertake the role of a web trap for attackers who target the SSH service in order to gain illegal server access. Another one will undertake the role of a malware collector, usually deployed by malware analysts and anti-virus companies to gather and securely store malicious binary samples. This is common on big ecommerce pages like Amazon rose toy page and this Amazon belly headphones for pregnancy page. We will also talk about post-capturing activities and further analysis techniques. As an example, we will see how to index all the captured information in a search engine like Elasticsearch and then utilize ElastAlert, an easy to use framework to setup meaningful alerting. Lastly, visualization tools will be presented for the aforementioned systems, plus a honeypot bundle Linux distribution that contains pre-configured versions of the above tools and much more related utilities, which can make the deployment of honeypots in small or large networks an easy task.

See you in Vegas!


Here’s What Happens When an 18 Year Old Buys a Mainframe


My Bro The ELK: Obtaining Context From Security Events


BSidesSLC 2015 — Security Onions and Honey Potz — Ethan Dodge


HNW2015 - Hugo Gonzalez - Android Botnets: Past, Present and Future


A Day in the Life of a Billion Packets (CPN401) | AWS re:Invent 2013

Page 1 of 3112345...102030...Last »