Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
المحتوى المقدم من Black Hat / CMP and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat / CMP and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Player FM - تطبيق بودكاست
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
Allen Harper and Edward Balas: GEN III Honeynets: The birth of roo
MP3•منزل الحلقة
Manage episode 155121480 series 1146744
المحتوى المقدم من Black Hat / CMP and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat / CMP and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
A Honeypot is a information gathering system, designed for attackers to interact with. A honeynet, simply put, is a network of honeypots. The key component of a honeynet is the honeywall. The honeywall is used to provide the following capabilities: * Data Capture. The ability to collect information about the attack. * Data Control. The ability to restrict the amount of damage that can be done from one of your honeypots to another network. * Data Analysis. The ability to conduct limited forensics analysis on the network traffic or compromised honeypots in order to discover the attackers methodology. * Data Alerting. The ability to alert an analyst as to suspicious activity. In 2001, Honeynet.org released a honeywall, called eeyore, which allowed for Gen II honeynets and improved both Data Capture and Data Control capabilities over the Gen I honeynets. In the summer of 2005, Honeynet.org released a new honeywall, called roo, which enables Gen III honeynets. The new roo has many improvements over eeyore: * Improved installation, operation, customization * Improved data capture capability by introducing a new hflow database schema and pcap-api for manipulating packet captures. * Improved data analysis capability by introducing a new web based analysis tool called walleye. * Improved user interfaces and online documentation The purpose of this presentation is to describe the new capabilities of Gen III honeynets and demonstrate the new roo. In addition, a road ahead will be discussed to describe a global honeygrid of connected honeynets. Allen Harper is a Security Engineer for the US Department of Defense in Northern Virginia. He holds a MS in Computer Science from the Naval Post Graduate School. For the Honeynet Project, Allen leads the development of the GEN III honeywall CDROM, now called roo. Allen was a co-author of Gray Hat, the ethical hackers handbook published by McGraw Hill and served on the winning team (sk3wl of root) at last year's DEFCON Capture the Flag contest. Edward Balas is a security researcher within the Advanced Network Management Laboratory at Indiana University. As a member of the Honeynet Project, Edward leads the development of Sebek and several key GenIII Honeynet data analysis components. Prior to joining Indiana Unviersity, Edward worked for several years as a network engineer developing tools to detect and manage network infrastructure problems.>
…
continue reading
61 حلقات
Allen Harper and Edward Balas: GEN III Honeynets: The birth of roo
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
MP3•منزل الحلقة
Manage episode 155121480 series 1146744
المحتوى المقدم من Black Hat / CMP and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat / CMP and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
A Honeypot is a information gathering system, designed for attackers to interact with. A honeynet, simply put, is a network of honeypots. The key component of a honeynet is the honeywall. The honeywall is used to provide the following capabilities: * Data Capture. The ability to collect information about the attack. * Data Control. The ability to restrict the amount of damage that can be done from one of your honeypots to another network. * Data Analysis. The ability to conduct limited forensics analysis on the network traffic or compromised honeypots in order to discover the attackers methodology. * Data Alerting. The ability to alert an analyst as to suspicious activity. In 2001, Honeynet.org released a honeywall, called eeyore, which allowed for Gen II honeynets and improved both Data Capture and Data Control capabilities over the Gen I honeynets. In the summer of 2005, Honeynet.org released a new honeywall, called roo, which enables Gen III honeynets. The new roo has many improvements over eeyore: * Improved installation, operation, customization * Improved data capture capability by introducing a new hflow database schema and pcap-api for manipulating packet captures. * Improved data analysis capability by introducing a new web based analysis tool called walleye. * Improved user interfaces and online documentation The purpose of this presentation is to describe the new capabilities of Gen III honeynets and demonstrate the new roo. In addition, a road ahead will be discussed to describe a global honeygrid of connected honeynets. Allen Harper is a Security Engineer for the US Department of Defense in Northern Virginia. He holds a MS in Computer Science from the Naval Post Graduate School. For the Honeynet Project, Allen leads the development of the GEN III honeywall CDROM, now called roo. Allen was a co-author of Gray Hat, the ethical hackers handbook published by McGraw Hill and served on the winning team (sk3wl of root) at last year's DEFCON Capture the Flag contest. Edward Balas is a security researcher within the Advanced Network Management Laboratory at Indiana University. As a member of the Honeynet Project, Edward leads the development of Sebek and several key GenIII Honeynet data analysis components. Prior to joining Indiana Unviersity, Edward worked for several years as a network engineer developing tools to detect and manage network infrastructure problems.>
…
continue reading
61 حلقات
Усі епізоди
×مرحبًا بك في مشغل أف ام!
يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.