 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Alan,I was in your same position about two years ago or so now, doing much the same project. I did an independent study using Lance Spitzner's "Honeypots: Tracking Hackers" book, which I must highly recommend you read, as a text of sorts. There are also numerous honeypot articles out on Security Focus (www.securityfocus.com) that have slightly more current information, not to mention different information. As for your data collection needs, I must hightly recommend the following combination of tools: * Honeyd * Snort * MySQL * Apache * ACID (Analysis Console for Intrusion Databases - I believe)It's probably best to have honeyd and snort on one *nix box, with mysql, apache, and acid running on another if possible. ACID can be a bit tricky to configure, but once you get it up, it'll give a nice little GUI-esque interface to view your data on. Hope that helps, VHP3 Alan Chung wrote: Hi all,I am bachelor degree final year student. I am interesting in network security, and my final year project will working about Honeypots or Honeynet.My final year project topic is "Profiling Security Threats with Honeypots" The project plan is deploy a centralized database to collect the data and design user interface. Then using the user interface to summarize, profiling and report the threats. But I have few confuse about my topic. Because my topic may be across two topics in the honeynet project recommend project topics list, they are "Profiling" and "Honeynet Phase IV". I am first time to doing a research, so I afraid that my topic can it working with this two topics. And I don't my topic can work or not. I am very interesting in working with you and learning more about this area. Thanks ! Alan. ~^_^~
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.