LebahNET Statistic – November 2015

1. Summary CyberSecurity Malaysia has established a Honeynet project known as Lebahnet. Lebahnet is a Honeypot Based Distributed System for detecting and capturing attacks that evades traditional security devices. This project was initiated in 2002. Lebahnet as a lightweight and passive honeypot; emulate vulnerabilities of operating systems used in an enterprise to alert security administrator […]

LebahNET Statistic – October 2015

1. Summary CyberSecurity Malaysia has established a Honeynet project known as Lebahnet. Lebahnet is a Honeypot Based Distributed System for detecting and capturing attacks that evades traditional security devices. This project was initiated in 2002. Lebahnet as a lightweight and passive honeypot; emulate vulnerabilities of operating systems used in an enterprise to alert security administrator […]

LebahNET Statistic – September 2015

1. Summary CyberSecurity Malaysia has established a Honeynet project known as Lebahnet. Lebahnet is a Honeypot Based Distributed System for detecting and capturing attacks that evades traditional security devices. This project was initiated in 2002. Lebahnet as a lightweight and passive honeypot; emulate vulnerabilities of operating systems used in an enterprise to alert security administrator […]

ESPot is released!

The team at MyCERT has released ElasticSearch honeyPot (ESPot) as a tool to capture every attempts to exploit CVE-2014-3120. This tool is written in NodeJS and released under General Public License v3. Kindly refer here to get ESPot and the configuration instructions. Have fun!

Honeynet Project Annual workshop 2010

The Annual Honeynet Project  workshop this year was held at Mexico City, Mexico. The workshop enables chapters from all over the globe to meet, discuss ideas, share experiences and develop our toolsets for data collection and analysis. It is an extremely valuable and unique event, where chapters from around 20 countries find the time to […]

Hooking pBot

I’m working on analyzing remote file inclusion (RFI) code. For pBot class which uses  an IRF server as their command and control (C&C) ,  we are interested to get the IP addresses of the C&C,  the channel name and  the nickname used to connect to irc server. Below are sample of output: