Know Your Enemy: Phishing
- 17 May, 2005
This paper documents how attackers build and use their infrastructure
for Phishing-based attacks. This highly technical and in-depth paper
is based on data captured and analyzed from the UK and German Honeynet
Project.
Know Your Enemy: Honeywall CDROM
- 17 May, 2004
This paper introduces you to the concepts of the Honeywall CDROM, a bootable
Honeynet gateway. Anyone wanting to deploy a honeynet
should seriously consider this solution, as it standardizes deployments
and combines all of our tools, including data control, data capture, and
data analysis.
Know Your Enemy: Tracking Botnets
- 14 March, 2005
This paper documents what Botnets are, who is using them, how, and why.
It also introduces the tools 'mwcollect' and 'drone' which can be used for
collecting malware and tracking Botnet activity.
Know Your Enemy: Trends
- 21 December, 2004
This paper documents how over the past several years, the life expectancy has
dramatically increased for unpatched or vulnerable Linux systems. The purpose
of this paper is to make you ask "Why is no one hacking Linux anymore?".
Know Your Enemy: Honeynets in Universities
- 26 April, 2004
This paper covers how academic institutions can deploy honeynets in their
networks. We cover the lessons learned from GA Tech deploying a honeynet on
their internal .edu network, how they got permission, and the successes they
had. The purpose of this paper is to make it easier for any university or
college to deploy a honeynet, for either research or operational activity.
Know Your Enemy: Sebek
- 17 November, 2003
A detailed look into one of the Project's primary tools for capturing
an attacker's activity on a honeypot, even encrypted
activity, such as SSH, burneye, and IPSec. This paper covers what Sebek
is, its value, how it works, strengths and weaknesses, and how to analyze
data recovered by Sebek.
Profiles - Automated Credit Card Fraud
- 10 July, 2003
A look at just how easy, automated, and widespread credit
card fraud and identity theft has become, even amongst unskilled
individuals.
Know Your Enemy: GenII Honeynets - 10 May, 2005
This paper describes step-by-step how to build, deploy, and test a 2nd
generation (GenII) Honeynet using the latest technologies. GenII Honeynets are
considered easier to deploy, harder to detect, and safer to maintain than the
original GenI technologies.
Know Your Enemy: Honeynets - 10 May, 2005
This paper is an overview of the concepts, values, risks, and issues of Honeynets. This paper
does not discuss the technical details of Honeynet technologies.
Know Your Enemy: Defining Virtual Honeynets - 27 January, 2003
This paper defines what a Virtual Honeynet is, its advantages and disadvantages,
and the different ways they can be deployed.
Know Your Enemy: Learning with User-Mode Linux - 20 December, 2002
This paper explains step by step how to build a GenI virtual Honeynet using
OpenSource software. Deploy a complete Honeynet using nothing more than an old
486 computer and free software!
NOTE: This paper is no longer actively maintained.
Know Your Enemy: Passive Fingerprinting - 04 March, 2002
This paper details how to passively learn about the enemy, without them
knowing about it. Specifically, how to determine the operating system of a remote
host using passive sniffer traces only.
NOTE: This paper is no longer actively maintained.
Know Your Enemy: Motives - 27 June, 2000
This paper studies the motives and psychology of a group of simple attackers,
all in their own words.
NOTE: This paper is no longer actively maintained.
Know Your Enemy: Statistics - 23 July, 2001
This paper analyzes eleven months of data collected by the Honeynet Project.
Based on this data, we demonstrate just how active the blackhat community is.
We also demonstrate that it may be possible to predict future
attacks.
NOTE: This paper is no longer maintained and is considered out of date.
Know Your Enemy: A Forensics Analysis - 23 May, 2000
This paper studies step by step a successful attack on a system. However,
instead of focusing on the tools and tactics
used, we focus on our analysis techniques and how we pieced the information
together. The purpose is to give you the skills necessary to analyze and
learn on your own the threats your organization faces.
NOTE: This paper is no longer actively maintained.
Know Your Enemy: Worms at War - 7 November, 2000
See how worms probe for and compromise vulnerable Microsoft Windows systems.
Based on the first Microsoft honeypot compromised
in the Honeynet Project.
NOTE: This paper is no longer actively maintained.
Know Your Enemy: III - 27 March, 2000
What happens after the script kiddie gains root. Specifically, how they
cover their tracks while they monitor your system. The paper goes through
step by step on a system that was compromised, with system logs and keystrokes
to verify each step.
NOTE: This paper is no longer maintained and is considered out of date.
Know Your Enemy: II - 18 June, 2001
How to determine what the enemy is doing by analyzing your system log files.
Includes examples based on two commonly used scanning tools, sscan and nmap.
NOTE: This paper is no longer maintained and is considered out of date.
Know Your Enemy - 21 July, 2000
The tools and methodology of the most common black-hat threat on the Internet,
the Script Kiddie. By understanding how they attack and what they are looking
for, you can better protect your
systems and network.