The Honeynet Project goes public
After a year of operating as a private mailing list, the Honeynet Project has formally announced itself this week. The structure, the mission, and what it changes about deception research are worth writing about.
Notes from the field
Writing
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged honeypots — 8 results.
Honeypot v2: second-month captures
Five months of running the high-interaction honeypot. The captures continue to be the highest-value source of post-compromise intelligence I have access to. Three more sanitised observations and what each teaches.
The honeypot v2 — first interesting captures
Six weeks of running the new high-interaction honeypot has produced exactly the kind of post-compromise data I was hoping for. Three sanitised observations from the logs, with the lessons each one teaches.
Honeypot v2: design notes
After a year of running my small honeypot and reading the Honeynet conversations, I am rebuilding from scratch. The new architecture takes a different approach — high interaction in a contained environment — and the design choices are worth writing down before I commit to them.
Joining the Honeynet conversation
Lance Spitzner has started a small private mailing list for people interested in deploying honeypots seriously. I have just joined. The early threads are some of the most interesting writing I have read on the discipline.
Building a small honeypot from scratch
DTK is the right place to start. A weekend later, here is the much smaller honeypot I have written myself, what it logs, and the design decisions that turned out to matter.
What I expect to be reading about in 1999
An opening note for the year. The five trends in defensive computing I expect to spend my evenings on, with notes on why each one is interesting beyond its current obvious form.
A weekend with the Deception Toolkit
Fred Cohen's Deception Toolkit is the first publicly available honeypot, and a small revolution in how we should be thinking about defence. I spent a weekend running it, and now I cannot stop thinking about it.