Sep 14 2013

Honeypot Workshop @ BruCON 2013

It’s that time of the year again, when security enthusiasts gather to Belgium to participate in one of the most successful security conferences in Europe: BruCON 2013.

This year, and after some fellow honeypot enthusiasts suggested to me that I should, I submitted an application to present a honeypots workshop. And I have some good news for you, since it got accepted!

So… heads up for every honeypot enthusiast or curious researcher coming to BruCON 2013: I will be presenting the “Analyzing Internet Attacks with Honeypots” workshop.

The workshop lasts 4 hours and it will take place on Thursday, 26 September, during two consecutive 2-hour slots: 2.00pm-4.00pm and 4.30pm-6.30pm. The workshop’s location is at La Trappe.

Here is the workshop’s description:

In the field of computer security, honeypots are systems aimed at deceiving malicious users or software that launch attacks against the servers and network infrastructure of various organizations. They can be deployed as protection mechanisms for an organization’s real systems, or as research units to study and analyze the methods employed by human hackers or malware. In this workshop we will outline the operation of a two research honeypots, by manual deployment and testing in real time. A honeypot system will undertake the role of a web trap for attackers who target the SSH service in order to gain illegal server access. Another one will undertake the role of a malware collector, usually deployed by malware analysts and anti-virus companies to gather and securely store malicious binary samples. We will also talk about post-capturing activities and further analysis techniques. Furthermore, two visualization tools will be presented for the aforementioned systems, plus a honeypot bundle Linux distribution that contains pre-configured versions of the above tools and much more related utilities, which can make the deployment of honeypots in small or large networks an easy task.

Participants are encouraged to bring a laptop with VirtualBox installed!

See this year’s BruCON full schedule here: http://sched.brucon.org/

More in Blog News, General News, Honeypots, Malware, Visualization
Kippo-Graph 0.8 released - BruCON edition
How to resize an EC2 root partition
Kippo-Graph: v0.7.7 (now on GitHub!)
Analyzing the Honeynet Map