Learn, hack!

URL

http://dewy.fem.tu-ilmenau.de/CCC/22C3/video/22C3-871-en-honeymonkeys.mp4

File name

22C3-871-en-honeymonkeys.mp4

File size

379.6 MB

MD5

d4ee4187b34eb461902279396357f961

SHA1

08805ab5d574010c4ad4e357e1f81f55f9514a89

As part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will present the speakers' latest research project to gain more knowledge about implementing client-based honeypots. According to Symantec's Internet Security Threat Report VIII (September 2005) attackers these days tend to move away from large-scale attacks towards smaller but precisely focused attacks on client-side targets. Equipped with a certain "exploiting a windows box for fun and profit" mindset and supported by browser bugs, bot networks and all sorts of malicious code, attacks seem to be more and more motivated by a deep desire for money and profit ultimately marking a true shift in the today’s threat landscape. Based on this development and as part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will compare honeymonkeys to honeypots highlighting both the similarities as well as differences between those two technologies. It will also feature the speakers’ efforts and experiences in implementing, monitoring and analyzing such client-based honeypots with a step-by-step howto for starting your own honeymonkey project. Experiences and catches will be presented in a real environment, so kids please try this at home!