Two or more honeypots on a network form a honeynet. Typically, a honeynet is used for monitoring a larger and/or more diverse network in which one honeypot may not be sufficient. Honeynets and honeypots are usually implemented as parts of larger network intrusion-detection systems.

Honeypot - GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
to find Web threats - Article discussing how Microsoft have developed a series of Windows XP clients, dubbed honeymonkeys, that crawl the Web finding sites that use unreported vulnerabilities to compromise unsuspecting users.
Meta Description: [ Microsoft has head-hunted a senior legal officer from the FBI to become its chief security advisor in the UK. ]
Alkasis Software - Manufacturer of the PatriotBox HoneyPot server.
An Evening with Berferd - A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.
Anton Chuvakin Honeynet Research and Live Stats - Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources.
B.A.S.T.E.D. - A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.
Back Officer Friendly - Created to detect when anyone attempts a Back Orifice scan against your computer. Also detects attempted connections to other services, such as Telnet, FTP, SMTP, POP3 and IMAP2.
Bubblegum proxypot - An open proxy honeypot (proxypot) that pretends to be an open proxy. Designed primarily to catch the mail spammer.
Building a GenII Honeynet Gateway - This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips.
Chinese Honeynet Project - The Artemis Project (Chinese Honeynet Project).
Deception ToolKit (DTK) - A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.
Deploying and Using Sinkholes - Configuring and deploying Sink Hole Routers, which are the network equivalent of a honey pot.
Meta Description: [ Arbor's network-wide anomaly detection solutions protect organizations from zero-day security threats like distributed denial of service attacks and worms, and operational vulnerabilities like peering issues and routing instability. ]
EruditeAegis.net - Papers on Honeypot technology - Connection Redirection Applied to Production Honeypot.
fakeAP - Generates thousands of counterfeit 802.11b access points for use as part of a honeypot or to confuse Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
Honey Web - An Active Server Pages (ASP) compliant web server honeypot that detects common attacks against web servers and logs the requests in a real-time viewer. It can recognize buffer overflows, denial of service attacks, directory traversal attacks, SQL injection attacks, XSS attacks, and session hijacking attacks.
Honeybee - A tool for semi-automatically creating emulators of network server applications.
Honeycomb - A system for automated generation of signatures for network intrusion detection systems (NIDSs).
Honeyd - Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.
Honeyd Control Center - Honeyd configuration wizard, a SQL Interface, and reports.
HoneyNet Project - A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.
Honeynet Security Console (HSC) - HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs.
Meta Description: [ Activeworx.org provides free high quality security tools ]
Honeynet.BR - Brazilian Honeypots Alliance. Includes tools to summarise honeyd logs, mydoom.pl (a Perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot.
Honeynet.org: Tracking Botnets - Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.
Meta Description: [ Tracking Botnets with help of Honeynets ]
Honeypot + Honeypot = Honeynet - Article discussing the creation of the Honeynet Project.
Meta Description: [ Honeypot + Honeypot = Honeynet - What do you get when you place two (or more) honeypots into a network? The answer is a honeynet. The idea of creating a network of lures was the seminal idea behind the Honeynet Project (http://project.honeynet.org), a non-profit, IT security research group starte... ]
Honeypots - Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.
Honeypots - An introduction to honeypots, the different types, and their value.
Honeypots: Monitoring and Forensics Project - Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, Apache web server honeypots, and VMware honeypot forensics.
Honeypots: Tracking Hackers - White papers, mailing list and other resources related to honeypots.
Honeypotting with VMware - An article about how to use VMware to produce honeypots to catch system intruders.
Honeypotting: The Complete Documentation - Index of over 75 papers on Honeypots.
Honeywall CDROM - A honeynet gateway on a bootable CDROM.
Impost - Impost can either act as a honeypot and take orders from a Perl script controlling how it responds and communicates with connecting clients, or it can operate as a packet sniffer and monitor incoming data to a specified destination port supplied by the command-line arguments (pre-release version available).
Installing a Virtual Honeywall using VMware - This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments.
KeyFocus - KF Sensor - Honey pot IDS - A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans.
Meta Description: [ KFSensor is a commercial host based Intrusion Detection System (IDS), it acts as a honeypot to attract and detect hackers by simulating vulnerable system services and trojans. ]
Know Your Enemy: GenII Honeynets - An Introduction to second generation honeynets (honeywalls).
Meta Description: [ 2nd Generation Honeynets ]
Know your Enemy: Phishing - This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project.
LaBrea Tarpit - A program that creates a tarpit or, as some have called it, a sticky honeypot.
MastaHackaWannabeAnalajza - Provides visualization of hack attempts against a honeypot server. Reports include attack intensity over time and attack types. Based on IDS data produced by Snort.
mwcollect - A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwcollect cannot actually be infected with the malware.
Nepenthes - A low-interaction honeypot designed to emulate vulnerabilities worms use to spread, and to capture these worms.
Netbait - Netbait Commercial Honeypot.
Philippine Honeynet Project, Philippines - Philippine Honeynet Project. Includes transcript of a VMware Honeynet using Windows XP / Windows 2000 as the base OS.
Project Honey Pot: Distributed Spam Harvester Tracking Network - A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites.
RedHat Linux 6.2 Honeypot Analysis - Incident analysis for a compromised default honeypot installation of RedHat Linux 6.2. Includes design, configuration and log details for the compromised machine.
Meta Description: [ Holcroft.org honeypot analysis ]
SécurIT - LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper)
SCADA HoneyNet Project - SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).
SecurityDocs - Honeypots - Directory of articles, white papers, and documents on honeypots and other security topics.
Meta Description: [ Directory of information security articles, white papers, and documents ]
SecurityFocus: Problems and Challenges with Honeypots - Article discussing issues with Honeypot technology, focusing on dealing with the possibility of your Honeypot being detected (and potentially abused) by an attacker.
Meta Description: [ In this paper we take a look at some of the many challenges and problems facing honeypots, and possible approaches on how to solve them. By identifying these problems now, we can hope to make honeypots a stronger technology for the future. ]
SecurityFocus: Defeating Honeypots - Network issues, Part 1 - Article discussing methods hackers use to detect honeypots.
Meta Description: [ The purpose of this paper is to explain how attackers behave when they attempt to identify and defeat honeypots, and is useful for security professionals to deploy honeypots in a more stealthy manner. ]
SecurityFocus: Defeating Honeypots: System Issues, Part 1 - This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer.
SecurityFocus: Dynamic Honeypots - Honeypots that dynamically learn your network then deploy virtual honeypots that adapt to your network.
Meta Description: [ The search for the dream honeypot: dynamic honeypots, an appliance-like plug-and-play solution. ]
SecurityFocus: Fighting Internet Worms With Honeypots - This paper evaluates the usefulness of using honeypots to fight Internet worms and perform counterattacks.
Meta Description: [ This paper will evaluate the usefulness of using honeypots to fight Internet worms, including a discussion on capturing a worm, redirecting worm traffic to fake services, launching counter attacks to clean infected hosts, and finally removing the worm or negating its effects. ]
SecurityFocus: Fighting Spammers With Honeypots - This paper evaluates the usefulness of using honeypots to fight spammers.
Meta Description: [ This paper will evaluate the usefulness of using honeypots to fight spammers on several fronts. Part one discusses the methods spammers use to harvest addresses, maintain stealth and manipulate open mail relays on the Internet. Then honeypots will be considered that create fake email addresses to... ]
SecurityFocus: Honeypot Farms - This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms.
SecurityFocus: Honeytokens - The Other Honeypot - This paper discusses honeytokens, honeypots that are not computers, but rather digital entities that are stored in a restricted part of the network.
Meta Description: [ The purpose of this series of honeypot papers is to cover the breadth of honeypot technologies, values and issues. This article extends the capabilities even further by discussing the concept of honeytokens. ]
SecurityFocus: Wireless Honeypots - Article discussing the use of honeypot technology to combat attacks on wireless networks.
Meta Description: [ This paper will introduce honeypots as a countermeasure for attacks on wireless environments using WiFi-related technologies. They can be used to identify and defeat unsuspecting blackhat attackers. ]
Sombria Honeypot System - A honeypot system and Honeypot Exchange Program.
SourceForge.net: Project - HoneyView - A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data.
Meta Description: [ The world's largest development and download repository of Open Source code and applications ]
Spampoison - Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.
Meta Description: [ Anti-Spam - Fight Back Against Spammers. Virtually infinite numbers of bogus email addresses to poison the e-mail databases of spammers. Keywords: Anti-Spam, unsolicited unwanted commercial e-mail, junk email, anti-junk, bulk advertising e-mail ]
Spanish Honeynet Project - Independent non-profit research organization of security professionals dedicated to information security focused on honeynet technologies.
spank - A collection of programs to deploy, run and analyse network and host simulations in IP networks.
Talisker Security Wizardry: Honeypots - Describes different commercial and freeware honeypots.
The Bait and Switch Honeypot System - A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data.
The Distributed Honeypot Project - The goal of this project is to organize dispersed honeypots across the Internet and share findings with the security community.
The Portuguese Honeynet Project - Information on their honeypot farm using HoneyMole.
The Strider HoneyMonkey Project - Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots.
The Team Cymru Darknet Project - A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, it does in fact include at least one server for real-time analysis or post-event network forensics.
thp - Tiny Honeypot - A simple honey pot program based on iptables redirects and an xinetd listener.
Virtual Honeynet: Deploying Honeywall using VMware - Information on deploying a Virtual Honeynet based on Honeywall using VMware.
WebMaven (Buggy Bank) - WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application security scanners and as a Honeypot.
Meta Description: [ Provider of information security consulting and training services. Worldwide experience at affordable prices. ]