InfoSanity Blog

Offensive and Defensive IT Security

Monthly archives: December 2009

2009: A review

Well, the year is nearly over and it seems everyone is in a reflective mode so I thought I’d join in. And I’m glad I did, didn’t realise just how turbulent a year I’ve had.

Posted by infosanity, 2009-12-17 | Posted in Honeypot, InfoSec, Lab, Presentation | 2 Comments on 2009: A review

Fuzzy hashing, memory carving and malware identification

I’ve recently been involved in a couple of discussions about different ways of identifying malware. One of the possibilities that has been brought up a couple of times is fuzzy hashing, intended to locate files based on similarities to known files.

Posted by infosanity, 2009-12-15 | Posted in Forensics, Honeypot, Incident Response, Lab, Malware, Tool-Kit | Leave a comment on Fuzzy hashing, memory carving and malware identification

Analysis: Honeypot Datasets

Earlier this week Markus released two anonymised data sets from live Dionaea installations. The full write-up and data sets can be found on the newly migrated carnivore.it news feed here. Perhaps unsurprisingly I couldn’t help but run the data through my statistics scripts to get a quick idea of what was seen by the sensors.

Posted by infosanity, 2009-12-10 | Posted in Dionaea, Honeypot, Malware | 3 Comments on Analysis: Honeypot Datasets

Starting out with Glastopf

I’ve been lax in writing up my initial experience with Glastopf. For those new to Glastopf, initially created by Lukas Rist as part of the Google summer of code program in collaboration with the Honeynet Project and Thorsten Holz.

Posted by infosanity, 2009-12-01 | Posted in Honeypot, Web App Security | 15 Comments on Starting out with Glastopf

New dionaea statistics script

Following on from my work gathering statistics from the honeypot systems that I run, I have released a limited alpha of a new script/tool that I am working on. The tool provides access to common result sets from the sqlite database, without the requirement for remembering the database architecture and entering lengthy SQL statements by hand.

Posted by infosanity, 2009-12-01 | Posted in Dionaea, Honeypot, InfoSec, Python | 2 Comments on New dionaea statistics script
