Some new and interesting work building on an in-kernel module for high-interaction honeypots: http://arxiv.org/pdf/1507.03117v1.pdf
Nothing too exciting here; however, with the industry clamoring for Big Data analysis and Elasticsearch being a tool of choice for many, this could have real future implications.
I recently came across a project called Project Nova and found the concept intriguing: the idea of ‘hack-back’ is so prevalent, yet the necessary legal constraints often make that course of action prohibitive. Being a fan of the work produced by DataSoft, I wondered whether there were ways to move the technology forward. At the heart of the technology there are two key components: the network traffic identifier and the dynamic honeypot creation.
Today I was given an interesting tip to check out the Cisco Traffic Anomaly Detector. Combined with some modern-day honeypot technology, this could really be a nice solution for dealing with incoming threats and enabling later analysis.
And that’s all for now.