Posts Tagged ‘windows’

Story of an Attack

Monday, June 16th, 2008

Our windows 2000 server honeypot in the NoAH testbed was attacked on 2nd June 2008. This is the story of this attack. The rough picture is:

  • The attacker connected from 80.60.158.116 to our win2k server honeypot.
  • Aim was to exploit a vulnerability in the WINS service at port 42.
  • Date was 2nd June 2008 18:45 GMT +0200.
  • The attack was not detected by the snort IDS.
  • Argos raised an alert of type “RET”.
  • The EBP contained the value 0×90909090 which results obviously from a stack buffer overflow. Thus, a false positive can be excluded.

Click to continue reading “Story of an Attack”

Update for windows Honey@home software

Friday, May 16th, 2008

Honey@home logoAn updated version of windows Honey@home has been released. The new version has been developed using the Microsoft .NET 2.0 framework. New features in this version include an installation wizard, a registration wizard, settings manager and automatic updating.

The application is available from the Honey@home website. Continue reading for more details on the new features.

Click to continue reading “Update for windows Honey@home software”