As part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will present the speakers' latest research project to gain more knowledge about implementing client-based honeypots. According to Symantec's Internet Security Threat Report VIII (September 2005) attackers these days tend to move away from large-scale attacks towards smaller but precisely focused attacks on client-side targets. Equipped with a certain "exploiting a windows box for fun and profit" mindset and supported by browser bugs, bot networks and all sorts of malicious code, attacks seem to be more and more motivated by a deep desire for money and profit ultimately marking a true shift in the today’s threat landscape. Based on this development and as part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will compare honeymonkeys to honeypots highlighting both the similarities as well as differences between those two technologies. It will also feature the speakers’ efforts and experiences in implementing, monitoring and analyzing such client-based honeypots with a step-by-step howto for starting your own honeymonkey project. Experiences and catches will be presented in a real environment, so kids please try this at home!
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.