From EuroTrashSecurity

Contents 1 Episode 17 1.1 Our Guest 1.2 Honeypot related content 1.3 News Stories

Episode 17

listen now

We are joined by Leon van der Eijk (http://www.twitter.com/lvdeijk) to talk on the intriguing subject of honeypots like Kippo, Dionaea, etc. Security sweetness ensues ...

Our Guest

Leon van der Eijk is a CERT member from The Netherlands who is pretty well versed on the use of honeypots. We're glad he takes the time to share some of his knowledge with us and our audience (Chris' mom especially). Leon is also an active member of the dissectingthehack.com web community.

http://lvdeijk.wordpress.com/

Honeypot related content

• Virtual Honeypots by Niels Provos, Thorsten Holz --> http://www.provos.org/index.php?/archives/20-Virtual-Honeypots-book-is-published.html
• Dionaea honeypot --> http://dionaea.carnivore.it/
• Glastopf --> http://glastopf.org/
• Kippo --> http://code.google.com/p/kippo/

News Stories

• 1) Recent breaches (Gawker, McDonalds, backtrack, exploit-db, carders.cc, …)

• 2) Mozilla puts up 44,000 old usernames and hashes for download

http://blog.mozilla.com/security/2010/12/27/addons-mozilla-org-disclosure/

On December 17th, Mozilla was notified by a security researcher that a partial database of addons.mozilla.org user accounts was mistakenly left on a Mozilla public server.

• 3) FBI plants back door in openBSD IPSEC stack

http://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/

Allegations that the FBI may have smuggled back doors or weaknesses into openBSD's cryptography have created uproar in the security community. Former government contractor Gregory Perry, who helped develop the OpenBSD crypto framework a decade ago, claims that contractors were paid to insert backdoors into OpenBSD's IPSec stack around 10 years ago.

• 4) #27c3 and #berlinsides

• 5) Defensive talks at Security Cons (this is more a discussion than a news item) but thought Wims’ blog on the matter was a good trigger: http://blog.remes-it.be/?p=494

• 6) Release of LittleBlackBox: collection of private SSL certs from embedded devices: http://code.google.com/p/littleblackbox/

• 7) Dear Husband, I’m suing you for reading my email: http://www.guardian.co.uk/world/2010/dec/27/us-man-hacking-wifes-emails

• 8) SANS Metasploit Kung Fu review - Chris dons Red Apron (Chinese?): http://blog.c22.cc/2010/12/21/sans-sec580-metasploit-kung-fu-for-penetration-testers-post-mortem/

• 9) Bankers Association writes to Cambridge University to ask for Smart Card research to be removed

http://www.lightbluetouchpaper.org/2010/12/25/a-merry-christmas-to-all-bankers/

request --> http://www.cl.cam.ac.uk/~rja14/Papers/20101221110342233.pdf

response --> http://www.cl.cam.ac.uk/~rja14/Papers/ukca.pdf

Cambridge is the University of Erasmus, of Newton, and of Darwin; censoring writings that offend the powerful is offensive to our deepest values. Thus even though the decision to put the thesis online was Omar’s, we have no choice but to back him. That would hold even if we did not agree with the material! …. You complain that our work may undermine public confidence in the payments system. What will support public confidence in the payments system is evidence that the banks are frank and honest in admitting its weaknesses when they are exposed, and diligent in effecting the necessary remedies. Your letter shows that, instead, your member banks do their lamentable best to deprecate the work of those outside their cosy club, and indeed to censor it.