Sebek captures from the Nimda window
The Nimda outbreak produced a substantial volume of Sebek captures from my honeypot. A walk through what the captures show about the post-Nimda compromise environment.
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged sebek — 3 results.
A capture from my Sebek-instrumented honeypot reveals an unusually careful attacker. A walk through what they did, what we observed, and what defenders should know.
Following the honeypot range expansion, I have deployed the Sebek kernel module on the high-interaction host. A short note on the deployment and on what it captures.