Presentation is loading. Please wait.

Presentation is loading. Please wait.

Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey."— Presentation transcript:

1 Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey

2 Purpose? ● To build a honeynet to trap botnet and worm behavior in darknet addresses. ● Collect data for worm and botnet detection.

3 Tools ● VMWare  Create virtual machines to use as honeypots  Currently using VMWare server beta version with two virtual machines of Windows XP and two of Linux Red Hat  Each honeypot has an internal IP to communicate with the dispatcher ● Click  Firewall + Dynamic NAT  Dynamic mapping table to maintain traffic balance between honeypots ● Chose Click for this purpose after Honeywall was determined to not suit our purposes

4 ● Progress since midterm:  Configured Click to rewrite IP packets entering beetle ● Problems:  Sending packets from beetle back out into the Internet ● Seems as though packets are being blocked by firewall

5

6

7

8

9

10

11 ● One thing is for certain: There is an enormous amount of traffic entering the darknet

12 ● Future work:  Finding out exactly what the problem is with traffic leaving beetle and fix it  Install software to analyze traffic and activity on honeynet  Collect data

Download ppt "Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey."

Similar presentations

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Routing Basics By Craig Lindstrom. Overview Routing Process Routing Process Default Routing Default Routing Static Routing Static Routing Dynamic Routing.

Routing Basics By Craig Lindstrom. Overview Routing Process Routing Process Default Routing Default Routing Static Routing Static Routing Dynamic Routing.
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
Dec, 20081 Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.

Dec, Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
1 Understanding Botnet Phenomenon MITP 458 - Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.

1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.
Routing and Routing Protocols Introduction to Static Routing.

Routing and Routing Protocols Introduction to Static Routing.
Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.
Team Excel What is SPAM ?. Spam Offense Team Excel '‘a distinctive chopped pork shoulder and ham mixture'' Image Source:Appscout.com.

Team Excel What is SPAM ?. Spam Offense Team Excel '‘a distinctive chopped pork shoulder and ham mixture'' Image Source:Appscout.com.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing.
1 SAMBA. 2 Module - SAMBA ♦ Overview The presence of diverse machines in the network environment is natural. So their interoperability is critical. This.

1 SAMBA. 2 Module - SAMBA ♦ Overview The presence of diverse machines in the network environment is natural. So their interoperability is critical. This.
Introduction to Honeypot, Botnet, and Security Measurement

Introduction to Honeypot, Botnet, and Security Measurement
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
BotNet Detection Techniques By Shreyas Sali

BotNet Detection Techniques By Shreyas Sali
CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing

CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing
Hands-On Virtual Computing

Hands-On Virtual Computing
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.
Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls.

Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls.

Similar presentations

Ads by Google