The subject of this course is to use the Honeynet/pot technologies as a tool to discover and learn existing and new threats to networked/distributed information system. The course includes a project to build a custom honeypot for security awareness to turn the theory into a practical approach to raise awareness about security issue.
Given by : Alexandre Dulaunoy
During the period of the course, there will be a specific project to realize. The project is fully integrated into the course sessions that means some topics covered will help to enhance or complete your work.
The project is done in group. A group is composed of two people (three if required). It preferred that the group is composed of at least one student having an (recent or old) experience with a computer programming language or computer/network structure. I also prefer that the group is working on distinct coverage. That means you must express the project description as soon as possible to all the class.
As the course is mainly covering the aspect of the honeynet/pot technologies, the group has to build a specific honeypot to raise awareness inside an organization or a specific group of people. The project consists of a high-level overview of the honeypot (how it works, how its integrated inside the organization, how it is raising awareness and why it is raising awareness... )
|Sat. 05 May 2007 (09h->13h)/CRP||Introduction to Honeynet/pot Technologies
and network datacapture. Reminder regarding the legal status of Honeynet/pot and your ethical role. A high-level overview of a capture from a luxembourgish honeypot.
and History - Honeynets
Network Data Capture : Berkeley Packet Filter Legal framework of Honeynet/pots
|Sat. 19 May 2007 (09h->13h)/CRP||An introduction to the analysis of malicious software.
A sample POP3 honeypot used as security awareness tool.
|Analysis of malicious software. A POP3 honeypot used as a security awareness tool.|
|Sat. 9 June 2007 (09h->13h)/CRP||Data capture and honeypot. An attacker perspective to network and computer security. Review of the potential project.||data capture support Learning from the attackers support|
You may find that the subject is too experimental and not yet mature for real-life application. If you have any issue with the course (including the way I teach it), don't hesitate to talk about as soon as possible.