May Supermondays Presentation – Video Evidence

I jumped the gun slightly when I said previously that there was no recording of my talk, the camera managed to catch the first 2+ minutes of the presentation. Just enough time for a brief overview of the intention behind honeypot systems. Direct Link. The rest of the Super Mondays event was recorded more successfully. […]

May SuperMondays Presentation: The Aftermath

I had a really enjoyable night at last night’s SuperMondays event. Some of the innovative uses for technology on display from Newcastle University provided a great glimpse of where we could be heading in the future towards ubiquitous computing. Of special interest were the research being undertaken with surface computing, which seems to have taken […]

Random Malware Analysis

Having recently been left with several hours to kill with nothing but a laptop and my virtual lab I thought I’d try my hand at some rudimentary malware analysis. For a random live sample I selected the most recent submission to my Nepenthes Server. $ tail -n1 /opt/nepenthes/var/log/logged_submissions[2009-05-21T19:10:59] -> creceive:// 93715cfc2fbb07c0482c51e02809b937 To start […]

Several days of playing working with the raw data and a couple of intermediate scripts (csv & mysql) have paid off. I’m now ready to release the first version of Infosanity‘s Nepenthes log parser. This utility is substantially larger than my previous two releases (although still small) so I’ll not include source code here, head […]

Utility script in a similar vein to, the script reads Nepenthes’ logged_submissions file from stdin and dumps the information into a MySQL database table. Initially this serves the same purpose as it’s CSV counterpart, importing the date into system with powerful search and filter functionality. However this may be useful if wanting to work […]