Blog Posts Tagged with "HoneyPot"
Jihadi Sites Fall Down, Go Boom... Again
April 09, 2012 Added by:Scot Terban
At first I thought that players in the patriot hacker movement may have been involved, but it seems more so now that all points to a concerted action by governments. The hacking of the sites likely was done via bad installs of PHP and SQL on the boxes that the databases resided on...
Comments (0)
How They Do IT: Spam Filters
February 09, 2012 Added by:Alan Woodward
The current volumes of spam email are extraordinary. Between 70% and 80% of all email sent are spam. As none of the current methods described here are completely effective, there is still scope for much further research in this area...
Comments (0)
Snort and SCADA Protocol Checks
January 26, 2012 Added by:Brent Huston
There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...
Comments (0)
Paper Frames Debate on Big Brother in Critical Infrastructure
September 09, 2011 Added by:Chris Blask
The three scenarios exercise the legal issues of government access to information of increasing depth. The first two speak to capabilities that should be further developed -honeynets and continuous monitoring - while the third scenario in part touches on workforce development...
Comments (1)
Learning USB Lessons the Hard Way
April 20, 2011 Added by:Brent Huston
Our inspection revealed a job in the scheduler set to kick off on Saturdays at 5am and launch this particular malware component which appeared to be designed to grab the cookies from the browser and some credentials from the system and users then throw them out to the host in China...
Comments (1)
Utilizing Forensics and Honeypots for VoIP Security
February 24, 2011 Added by:J. Oquendo
It's a game of sorting out what possible accounts exist on a machine, and which accounts can have a dictionary attack launched against them. The vast majority of attackers will use yet another SIPVicious tool called svcrack against a machine they've scanned and constructed an account list for...
Comments (0)
Why Fail2Ban Can Fail With VoIP
January 27, 2011 Added by:J. Oquendo
So an attacker launched a scan, who cares, it happens and even if I outright blacklist him, odds are, he is on a throwaway address or compromised host. Nevertheless he scans. At some point in time, he WILL come across the honeypot I left in plain sight for him...
Comments (0)
Project Honeypot HTTP Blocklist Module
December 30, 2010 Added by:Rob Fuller
Project Honeypot does an amazing job at keeping detailed information on scanners / harvesters and brute forcers, the likes of which are the daily enemy of said admins. They offer a service called HTTP Block List or 'HTTP:BL'...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR