As I discussed in my last post about Dionaea, I am really impressed with the improvements to logging capabilities over Nepenthes. I’ve now had a Dionaea system online for ~24 hours, which while it isn’t enough data to draw any meaningful statistics, it has provided enough data to work on some new tools. I had been […]
Author archives: infosanity
Starting with Dionaea
As my previous post states, my Nepenthes system has been retired. In its place I’m building up a Dionaea system. The new features proposed by Dionaea should go a long way to improving on a couple of Nepenthes’ shortcomings; a good comparison of the two systems can be found on the Nepenthes blog (post October 27th). But what really caught my attention was the recent post on November 6th detailing the improved logging capabilities that are going to be built into Dionaea.
Last Nepenthes Statistics
Following on from the move from Nepenthes to Dionaea, I’m decommissioning my Nepenthes server to start afresh with Dionaea. As such I thought I’d share the final statistics using InfoSanity’s statistic script for Nepenthes.
Sad news: RIP Str0ke – Update, was hoax
Sad news for the information security community today; it seems that Str0ke, the creator and maintainer of Milw0rm, has passed on.
EuroTrash Security podcast is live
The first episode of EuroTrash Security has been released this week. The stated goal is to create an information security podcast focused on happenings within Europe. Which provides one of the best taglines for a podcast I’ve heard: Security with funny accents.
Nepenthes is Dead, Long live Dionaea
The latest post (dated October 27th 2009) on the Nepenthes site indicates that development on Nepenthes is coming to a close, stating 7 reasons preventing newer features being implemented with Nepenthes. As a result I’m stopping development on my statistics scripts for parsing the Nepenthes’ log files. The good news is that work on Nepenthes’ spiritual successor is well underway, in the form of Dionaea.
SuperMondays – Barcamp style
This month’s SuperMondays was a deviation from the usual format; rather than speaker followed by Q&A the event was run in a similar format to Barcamp. This meant that there were several simultaneous conversations ongoing at any one time with attendees floating between discussions and chipping in as appropriate.
Dissecting the Hack
When I first heard about Jayson’s book, Dissecting the Hack: The F0rb1dd3n Network I was really looking forward to getting my hands on a copy. Without going through the backstory, getting a copy could now be difficult. The community response to the situation has been outstanding, I don’t think any other industry would pull together […]
Automated Malware & ESXi frustrations
I recently read Christian Wojner’s excellent paper on Mass Malware Analysis and it re-ignited my desire to build an automated environment to improve and speed up my current malware analysis capabilities. The paper details a step by step for duplicating Wojner’s environment, but as I don’t have any spare equipment I’ve been looking for alternative routes.
Rapid7 Acquire Metasploit
I’d guess this won’t be breaking news to anyone as it was always going to generate a buzz once announced, but for anyone who has missed today’s revelations; Metasploit has been acquired by Rapid7 with HDM and Egypt joining the company.