SlideShare une entreprise Scribd logo

Bsides chicago 2013 honeypots

Télécharger en tant que PPTX, PDF
T
Tazdrumm3r
Technologie
1  sur  36
Be vewy, vewy quiet…. let’s watch some hackers..
Interactive portion intro Whoami What is a Honeypot? Different Honeypots Why Honeypots? Things I discovered Interactive portion end results
Interactive portion SSID – FBI Mobile IP address – 192.168.2.5 User ID – root The password is….123456
FatherHusband
Geek Antagonist of the shiny things
ShadowServer.org volunteer Security analyst Whoami
A Honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource. (May 2003)
Why Honeypots?
Why Honeypots?
Low interaction Server Honeypots
Windows XP SP 0 Windows Vista SP 0 Client Honeypots High Interaction Different Honeypots
Initial Research
A word of advice on using an EC2 instance.
GeoIP location Dionaea - Ireland
Dionaea stats Started  3/7/2013 Stopped 3/9/2013 Started  3/12/2013 Stopped  3/14/2013
Dionaea stats • Don’t forget to add your API key from VirusTotal to your config file!! • If you don’t add the API key, then the pretty visualization tool can’t do it’s job and you have to do manually!!!
144 109 71 56 17 14 14 9 9 8 Dionaea stats Top 10 IP addresses
Wireshark Analysis Attack Attempts
Malware Captures MD5 Virus Total Detection Ratio Common name Source IP Address/WhoIs 78c9042bbcefd65beaa 0d40386da9f89 44 / 46 Microsoft - Worm:Win32/Conficker.C • 209.190.25.37 • XLHost – VPS provider • http://www.xlhost.com/ 7acba0d01e49618e25 744d9a08e6900c 45 / 46 Microsoft - Worm:Win32/Conficker.B 69.28.137.10 LimeLight Networks - a Digital Presence Management company http://www.limelight.com/ 90c081de8a30794339 d96d64b86ae194 42 / 43 Kaspersky - Backdoor.Win32.Rbot.aftu 69.38.10.83 WindStream Communications – Voice and data provider http://NuVox.net bcaef2729405ae54d62 cb5ed097efa12 43 / 44 Kaspersky - Backdoor.Win32.Rbot.bqj 69.9.236.128 Midwest Communications – Comcast/WideOpenWest parallel http://midco.net/
GeoIP location Dionaea - recent
Kippo Started  2/27/2013 Stopped  3/1/2013 IP addresses • 14 unique IP addresses • Maximum password attempts – 1342 • Successful logins – 7 • Replay scripts – 1 •Files uploaded - 1
1342 1190 454 163 163 156 28 22 16 5 4 1 1 Kippo stats Attacker's IP addresses/connection attempts
GeoIP location Kippo – recent
Kippo statsroot bin oracle test nagios martin toor ftpuser user postgres info webmaster apache backup guest r00t public green demo site jeff andy i-heart user0 content 1856 67 17 10 9 6 6 6 5 5 5 5 4 4 4 4 4 4 4 4 4 4 4 4 3 Top 25 User names Times tried
Kippo stats 27 16 9 9 9 8 7 7 7 7 7 7 7 7 7 7 7 6 6 6 Top 25 Passwords Tries
Kippo stats Accounts that used 123456 as password User ID Tries root 7 ftpuser 3 oracle 3 andy 2 info 2 jeff 2 site 2 test 2 webmaster 2 areyes 1 brian 1 “7 successful logons? But your chart says 27 used the password of 123456?! WTF?”
Kippo stats root öÎÄ¥þ.òÄ¿Â¥ root !Q@W#E$ root !@$#jMu2vEUIOLweoP#!TTG$@#dsgfGR#$sgs root !Q@W#E$R root $hack4m3baby#b1gbroth3r$ root !Q@W#E$R% root 654321 root !Q@W#E$R%T root Ki!l|iN6#Th3Ph03$%nix@NdR3b!irD root !Q@W#E$R%T^ root @!#$%&*Th3@#$!F0RcE%&*@#IS!@#$%!& root !Q@W#E$R%T^Y root diffie-hellman-group-exchange-sha11 root !Q@W#E$R%T^Y& root 123 root !Q@W#E$R%T^Y&U root 1234 root !Q@W#E$R%T^Y&U* root 12345 root !Q@W#E$R%T^Y&U*I root 1234567 root !Q@W#E$R%T^Y&U*I( root 12345678 root !Q@W#E$R%T^Y&U*I(O root 123456789 root !Q@W#E$R%T^Y&U*I(O) root deathfromromaniansecurityteamneversleepba root !Q@W#E$R%T^Y&U*I(O)P root rooooooooooooooooooooooooooooooooot root !Q@W#E$R%T^Y&U*I(O)P_ Interesting passwords
Kippo stats File downloaded psyBNC 2.3.2 ------------ This program is useful for people who cannot be on irc all the time. Its used to keep a connection to irc and your irc client connected, or also allows to act as a normal bouncer by disconnecting from the irc server when the client disconnects.
HoneyD
How you can your netbook useful and fun again!
Interactive portion results….
http://www.enisa.europa.eu/activities/cert/support/proactive- detection/proactive-detection-of-security-incidents-II- honeypots/at_download/fullReport
Honeydrive
Keith Dixon @Tazdrumm3r #misec – Tazdrumm3r tazdrummer@gmail.com http://tazdrumm3r.wordpress.com

Recommandé

Bsides detroit 2013 honeypots
Bsides detroit 2013 honeypotsBsides detroit 2013 honeypots
Bsides detroit 2013 honeypotsTazdrumm3r
 
Malware analysis - What to learn from your invaders
Malware analysis - What to learn from your invadersMalware analysis - What to learn from your invaders
Malware analysis - What to learn from your invadersTazdrumm3r
 
(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threat(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threatINSIGHT FORENSIC
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
LOGGING FOR FUN, AND PROFIT
LOGGING FOR FUN, AND PROFITLOGGING FOR FUN, AND PROFIT
LOGGING FOR FUN, AND PROFITInformatics Summit
 
Di shen pacsec_final
Di shen pacsec_finalDi shen pacsec_final
Di shen pacsec_finalPacSecJP
 
Anton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin
 

Recommandé

Bsides detroit 2013 honeypots
Bsides detroit 2013 honeypotsBsides detroit 2013 honeypots
Bsides detroit 2013 honeypotsTazdrumm3r
 
Malware analysis - What to learn from your invaders
Malware analysis - What to learn from your invadersMalware analysis - What to learn from your invaders
Malware analysis - What to learn from your invadersTazdrumm3r
 
(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threat(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threatINSIGHT FORENSIC
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
LOGGING FOR FUN, AND PROFIT
LOGGING FOR FUN, AND PROFITLOGGING FOR FUN, AND PROFIT
LOGGING FOR FUN, AND PROFITInformatics Summit
 
Di shen pacsec_final
Di shen pacsec_finalDi shen pacsec_final
Di shen pacsec_finalPacSecJP
 
Anton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestSecuRing
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) ShenPROIDEA
 
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Lane Huff
 
Real-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFEReal-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFEWasim Halani
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014grecsl
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELKTripwire
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationOlehLevytskyi1
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestSecuRing
 
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...CODE BLUE
 
Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...CODE BLUE
 
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1Priyanka Aash
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...Felipe Prado
 
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsAppsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsdrewz lin
 
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...OpenDNS
 
SBI PO exam preparation online
SBI PO exam preparation onlineSBI PO exam preparation online
SBI PO exam preparation onlineVineesh nair
 
Honeypots
HoneypotsHoneypots
HoneypotsShiva Krishna Chandra Shekar
 
Indian government jobs for graduates
Indian government jobs for graduatesIndian government jobs for graduates
Indian government jobs for graduatesurvashi ghai
 

Contenu connexe

Tendances

Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestSecuRing
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) ShenPROIDEA
 
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Lane Huff
 
Real-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFEReal-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFEWasim Halani
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014grecsl
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELKTripwire
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationOlehLevytskyi1
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestSecuRing
 
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...CODE BLUE
 
Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...CODE BLUE
 
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1Priyanka Aash
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...Felipe Prado
 
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsAppsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsdrewz lin
 
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...OpenDNS
 

Tendances (19)

Malware analysis
Malware analysisMalware analysis
Malware analysis
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
 
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
 
Real-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFEReal-Time Static Malware Analysis using NepenthesFE
Real-Time Static Malware Analysis using NepenthesFE
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentation
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
 
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
Pursue the Attackers – Identify and Investigate Lateral Movement Based on Beh...
 
Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...Detection index learning based on cyber threat intelligence and its applicati...
Detection index learning based on cyber threat intelligence and its applicati...
 
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
Playing games-in-the-sandbox-dynamic-analysis-and-modern-evasion-tactics copy1
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
 
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
DEF CON 27 - MAKSIM SHUDRAK - zero bugs found hold my beer afl how to improve...
 
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsAppsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
 
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
 

En vedette

SBI PO exam preparation online
SBI PO exam preparation onlineSBI PO exam preparation online
SBI PO exam preparation onlineVineesh nair
 
Indian government jobs for graduates
Indian government jobs for graduatesIndian government jobs for graduates
Indian government jobs for graduatesurvashi ghai
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876Momita Sharma
 
Honeypots for Active Defense
Honeypots for Active DefenseHoneypots for Active Defense
Honeypots for Active DefenseGreg Foss
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Communityamiable_indian
 
Automatic Road Sign Recognition From Video
Automatic Road Sign Recognition From VideoAutomatic Road Sign Recognition From Video
Automatic Road Sign Recognition From VideoDr Wei Liu
 
Using Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security MonitoringUsing Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security Monitoringchrissanders88
 
Honeypots for Cloud Providers - SDN World Congress
Honeypots for Cloud Providers - SDN World CongressHoneypots for Cloud Providers - SDN World Congress
Honeypots for Cloud Providers - SDN World CongressVallie Joseph
 
Design & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsDesign & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsIOSR Journals
 

En vedette (19)

SBI PO exam preparation online
SBI PO exam preparation onlineSBI PO exam preparation online
SBI PO exam preparation online
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Indian government jobs for graduates
Indian government jobs for graduatesIndian government jobs for graduates
Indian government jobs for graduates
 
Honeypot ss
Honeypot ssHoneypot ss
Honeypot ss
 
Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876
 
Ppt
PptPpt
Ppt
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Honeypot Basics
Honeypot BasicsHoneypot Basics
Honeypot Basics
 
Honeypots for Active Defense
Honeypots for Active DefenseHoneypots for Active Defense
Honeypots for Active Defense
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Community
 
Automatic Road Sign Recognition From Video
Automatic Road Sign Recognition From VideoAutomatic Road Sign Recognition From Video
Automatic Road Sign Recognition From Video
 
Using Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security MonitoringUsing Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security Monitoring
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & Honeynets
 
Honeypots for Cloud Providers - SDN World Congress
Honeypots for Cloud Providers - SDN World CongressHoneypots for Cloud Providers - SDN World Congress
Honeypots for Cloud Providers - SDN World Congress
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honey Pot
Honey PotHoney Pot
Honey Pot
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Design & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsDesign & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual Honeypots
 

Similaire à Bsides chicago 2013 honeypots

OSINT tools for security auditing [FOSDEM edition]
OSINT tools for security auditing [FOSDEM edition] OSINT tools for security auditing [FOSDEM edition]
OSINT tools for security auditing [FOSDEM edition] Jose Manuel Ortega Candel
 
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.Positive Hack Days
 
Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchYury Chemerkin
 
Data Driven Security, from Gartner Security Summit 2012
Data Driven Security, from Gartner Security Summit 2012Data Driven Security, from Gartner Security Summit 2012
Data Driven Security, from Gartner Security Summit 2012Nick Galbreath
 
OSINT tools for security auditing with python
OSINT tools for security auditing with pythonOSINT tools for security auditing with python
OSINT tools for security auditing with pythonJose Manuel Ortega Candel
 
BinaryPig - Scalable Malware Analytics in Hadoop
BinaryPig - Scalable Malware Analytics in HadoopBinaryPig - Scalable Malware Analytics in Hadoop
BinaryPig - Scalable Malware Analytics in HadoopJason Trost
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseSplunk
 
Dmitry Lebedev: Agile Testing Using Agile Tools
Dmitry Lebedev: Agile Testing Using Agile ToolsDmitry Lebedev: Agile Testing Using Agile Tools
Dmitry Lebedev: Agile Testing Using Agile ToolsAgile Lietuva
 
Using Go in DevOps
Using Go in DevOpsUsing Go in DevOps
Using Go in DevOpsEficode
 
Natalie Pistunovich - Using Go In Dev Ops
Natalie Pistunovich - Using Go In Dev OpsNatalie Pistunovich - Using Go In Dev Ops
Natalie Pistunovich - Using Go In Dev OpsFraugster
 
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Codemotion
 
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Codemotion
 
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID Creation
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID CreationNagios Conference 2012 - Robert Bolton - Custom SNMP OID Creation
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID CreationNagios
 
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Codemotion
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?Zoltan Balazs
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestPawel Rzepa
 
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)PROIDEA
 
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...OWASP Kyiv
 

Similaire à Bsides chicago 2013 honeypots (20)

OSINT tools for security auditing [FOSDEM edition]
OSINT tools for security auditing [FOSDEM edition] OSINT tools for security auditing [FOSDEM edition]
OSINT tools for security auditing [FOSDEM edition]
 
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.
Alexey Sintsov. Honeypot that Can Bite: Reverse Penetration.
 
Phd final
Phd finalPhd final
Phd final
 
Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitch
 
Data Driven Security, from Gartner Security Summit 2012
Data Driven Security, from Gartner Security Summit 2012Data Driven Security, from Gartner Security Summit 2012
Data Driven Security, from Gartner Security Summit 2012
 
OSINT tools for security auditing with python
OSINT tools for security auditing with pythonOSINT tools for security auditing with python
OSINT tools for security auditing with python
 
BinaryPig - Scalable Malware Analytics in Hadoop
BinaryPig - Scalable Malware Analytics in HadoopBinaryPig - Scalable Malware Analytics in Hadoop
BinaryPig - Scalable Malware Analytics in Hadoop
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Dmitry Lebedev: Agile Testing Using Agile Tools
Dmitry Lebedev: Agile Testing Using Agile ToolsDmitry Lebedev: Agile Testing Using Agile Tools
Dmitry Lebedev: Agile Testing Using Agile Tools
 
NPTs
NPTsNPTs
NPTs
 
Using Go in DevOps
Using Go in DevOpsUsing Go in DevOps
Using Go in DevOps
 
Natalie Pistunovich - Using Go In Dev Ops
Natalie Pistunovich - Using Go In Dev OpsNatalie Pistunovich - Using Go In Dev Ops
Natalie Pistunovich - Using Go In Dev Ops
 
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
 
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
 
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID Creation
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID CreationNagios Conference 2012 - Robert Bolton - Custom SNMP OID Creation
Nagios Conference 2012 - Robert Bolton - Custom SNMP OID Creation
 
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
Cyber Analysts: who they are, what they do, where they are - Marco Ramilli - ...
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
 
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
 
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
 

Dernier

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Dernier (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

Bsides chicago 2013 honeypots

Notes de l'éditeur

  1. RECALCULATE!! Somehow my Excel sorting and calculating may be off a bit.