Presentation is loading. Please wait.

Presentation is loading. Please wait.

,Cyber Defense Competitions Club

Published bySpencer McCormick Modified over 6 years ago

Similar presentations

Presentation on theme: ",Cyber Defense Competitions Club"— Presentation transcript:

1 ,Cyber Defense Competitions Club
Author: Alexander A. Rodriguez-Vargas Disclaimer: This club meeting and presentation is only provided for educational purposes and in no way do we recommend or encourage offensive activity outside of a sandboxed environment. We also own the devices that were used as targets in these scenarios.

2 Honeypots Decoy servers or systems setup to gather information regarding an attacker or intruder into your system. The Honey Pot system should appear as generic as possible. (example: Microsoft NT based system) You will want to make your Honey Pot an interesting site by placing "Dummy" information. Expect to spend some time making your Honey Pot appear legitimate so that intruders will spend enough time investigating and perusing the system so that you are able to gather as much forensic information as possible.

3 Honeypots

4 Honeypot Selections The ULTIMATE Honeypot Distro: HONEYDRIVE3
Honeyd (very configurable) Kippo-Graph (ssh, collects scripts) Conpot (SCADA) Dionaea (Malware collector) LaBrea Kfsensor (Commercial Windows product) HoneyBot (Windows based) product The ULTIMATE Honeypot Distro: HONEYDRIVE3

5 Kippo Download the ova file from sorceforge and import the VM into VirtualBox Boot the VM Follow instructions from the README.txt on the Desktop to start kippo In the command prompt, find your ipaddress Ifconfig Replace the ip address below with honeydrive’s. Browse to to view statistics: Top 10 ip addresses Top 10 passwords attempted to login etc

6 Scans & Attacks Scan the IP to check for open ports etc.
nmap –sS –O --reason --max-retires=2 –T4 -sV –Pn –sC XXX > nmap.txt Unzip your password list gzip –d /usr/share/wordlists/rockyou.txt.gz Bruteforce the ssh password with hydra hydra –v -l root –P /usr/share/wordlists/rockyou.txt XXX ssh Login to the honeypot with ssh! Ssh Then type the password you found through bruteforcing.

7 Honeypot References

Download ppt ",Cyber Defense Competitions Club"

Similar presentations

Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.

Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
For further information computersecurity.wlu.ca

For further information computersecurity.wlu.ca
Honeypots Presented by Javier Garcia April 21, 2010.

Honeypots Presented by Javier Garcia April 21, 2010.
Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.
SIS - Security Lab Introductory Session University of Pittsburgh 2006.

SIS - Security Lab Introductory Session University of Pittsburgh 2006.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Copyright 2010 Justin C. Klein Keane Using Kojoney Open Source Low Interaction Honeypot to Develop Defensive Strategies and Fingerprint Post-Compromise.

Copyright 2010 Justin C. Klein Keane Using Kojoney Open Source Low Interaction Honeypot to Develop Defensive Strategies and Fingerprint Post-Compromise.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.

Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.
13Computer Intrusions Dr. John P. Abraham Professor UTPA.

13Computer Intrusions Dr. John P. Abraham Professor UTPA.
Penetration Testing Training Day Capture the Flag Training.

Penetration Testing Training Day Capture the Flag Training.
C & Unix Final Session Review (… because I, too, can do PowerPoint …)

C & Unix Final Session Review (… because I, too, can do PowerPoint …)
Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.

Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.
ECE4112 Lab 7: Honeypots and Network Monitoring and Forensics Group 13 + Group 14 Allen Brewer Jiayue (Simon) Chen Daniel Chu Chinmay Patel.

ECE4112 Lab 7: Honeypots and Network Monitoring and Forensics Group 13 + Group 14 Allen Brewer Jiayue (Simon) Chen Daniel Chu Chinmay Patel.
How to setup Genesis LC1 and Genesis Flex with the Buffalo Access Point to maximize wireless performance…

How to setup Genesis LC1 and Genesis Flex with the Buffalo Access Point to maximize wireless performance…
Network Security: Lab#4-2 Packet Sniffers J. H. Wang Dec. 2, 2013.

Network Security: Lab#4-2 Packet Sniffers J. H. Wang Dec. 2, 2013.
Honeypot and Intrusion Detection System

Honeypot and Intrusion Detection System

Similar presentations

Ads by Google