What does The Honeynet Project do and what is our connection to it

The Honeynet Project is a nonprofit organization established by Lance Spitzner, which brings together researchers and programmers from around the world. It is engaged in investigating attacks, their monitoring and the development of open-source tools in the field of information security.

Honeypots are systems designed to attract attackers, record their activities and obtain new malware samples. It is a kind of a bait for attacking (infected) systems, thanks to which we can detect and find a solution for these harmful activities more quickly and efficiently. New malware samples captured by honeypots also become available to antivirus developers, who promptly react and provide sufficient protection for end-users.

We operate our honeypots also in the CZ.NIC association. Among the achievements, there are real-time maps of attacks at honeymap.cz and information about security incidents that we subsequently address in the National Security Team CSIRT.CZ. This information enables us to notify administrators of the attacked or infected systems of possible problems and prevent the spread of damage.

We work on continuous improvement of our honeypots — for example, the results of malware analysis from the VirusTotal are now being saved to the database of the Kippo honeypot. We test other improvements in our development branches and gradually add them to the master system.

After we added the information on the changes in Dionaea and Kippo honeypots to our internal mailing list, members of The Honeynet Project offered to share our newsletter to the wider community. We were very pleased by this interest and initiative on their part. The community as well as all honeypot fans can follow the improvements through this link to GitLab. We hope that these improvements will be beneficial for the community.

The Honeynet Project also organizes regular meetings of professionals in the form of workshops. Their purpose is to exchange experience in the efficient operation of honeypots and their further improvement. It is one of the few opportunities for honeypot “fans” to exchange experience in person. Information about the project and its activities can be found also on The Honeynet Project website.

Author:

Leave a comment