22C3 - 2.2

22nd Chaos Communication Congress
Private Investigations

Referenten
Krisztian Piller
Sebastian Wolfgarten
Programm
Tag 3
Raum Saal 3
Beginn 22:00
Dauer 01:00
Info
ID 871
Veranstaltungstyp Vortrag
Track Hacking
Sprache englisch
Feedback

Honeymonkeys

Chasing hackers with a bunch of monkeys

As part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will present the speakers' latest research project to gain more knowledge about implementing client-based honeypots.

According to Symantec's Internet Security Threat Report VIII (September 2005) attackers these days tend to move away from large-scale attacks towards smaller but precisely focused attacks on client-side targets. Equipped with a certain "exploiting a windows box for fun and profit" mindset and supported by browser bugs, bot networks and all sorts of malicious code, attacks seem to be more and more motivated by a deep desire for money and profit ultimately marking a true shift in the today’s threat landscape.

Based on this development and as part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys.

This talk will introduce the basic concepts and ideas behind this initiative and will compare honeymonkeys to honeypots highlighting both the similarities as well as differences between those two technologies. It will also feature the speakers’ efforts and experiences in implementing, monitoring and analyzing such client-based honeypots with a step-by-step howto for starting your own honeymonkey project. Experiences and catches will be presented in a real environment, so kids please try this at home!