An Information Security Community
For over two years now, my SSH honeypot kippo (developed by Upi Tamminen) has been receiving “visits” from all over the world. With an easy-to-guess root password, 123456, to shorten the brute-force attacks, I have gathered some interesting data/statistics.
So to sum things up:
First attack on Monday, 26-Jul-2010, 09:11 AM
Total login attempts 474433
Distinct source IP…
Added by Leon van der Eijk on December 24, 2012 at 7:56am — No Comments
Identifying unknown files by using fuzzy hashing…
Added by Leon van der Eijk on October 24, 2010 at 7:36am — No Comments
On the 23rd of July I started with the SSH honeypot kippo. So after a good two months I decided to collect all the URLs/locations those “1337 h4x0rs” are wgetting all their files from.
I came up with the following list:
Added by Leon van der Eijk on August 2, 2010 at 6:47am — No Comments
After spending some time in our laboratory, experimenting with some Ruby scripts for the Metasploit framework, I conducted a small experiment. I was wondering: what if I could carve files out of memory-dump files?! It could be possible to carve out portable executables/malware as well. This write-up demonstrates what I did.
How to get malware
Added by Leon van der Eijk on March 1, 2010 at 4:11am — No Comments