This page is updated (check the update date at the end) every week after each session.

Course Description

The subject of this course is to use the Honeynet/pot technologies as a tool to discover and learn existing and new threats to networked/distributed information system. The course includes a project to build a custom honeypot for security awareness to turn the theory into a practical approach to raise awareness about security issue.

Given by : Alexandre Dulaunoy


During the period of the course, there will be a specific project to realize. The project is fully integrated into the course sessions that means some topics covered will help to enhance or complete your work.

Project - Modus Operandi

The project is done in group. A group is composed of two people (three if required). It preferred that the group is composed of at least one student having an (recent or old) experience with a computer programming language or computer/network structure. I also prefer that the group is working on distinct coverage. That means you must express the project description as soon as possible to all the class.

Project - Topic

As the course is mainly covering the aspect of the honeynet/pot technologies, the group has to build a specific honeypot to raise awareness inside an organization or a specific group of people. The project consists of a high-level overview of the honeypot (how it works, how its integrated inside the organization, how it is raising awareness and why it is raising awareness... )

Project - Rules

Project - Ideas

If you are lacking imagination, some potential ideas :

Project - Evaluation

Evaluation of the project is based : Originality (20%), Innovation (10%), Security (20%), Risks Analysis (20%), Data Collection/Analysis/Awareness (10%), Documentation (20%).


Date/Where Topic Support
Sat. 05 May 2007 (09h->13h)/CRP Introduction to Honeynet/pot Technologies
and network datacapture. Reminder regarding the legal status of Honeynet/pot and your ethical role. A high-level overview of a capture from a luxembourgish honeypot.
Intro and History - Honeynets
Network Data Capture : Berkeley Packet Filter Legal framework of Honeynet/pots
Sat. 19 May 2007 (09h->13h)/CRP An introduction to the analysis of malicious software.
A sample POP3 honeypot used as security awareness tool.
Analysis of malicious software. A POP3 honeypot used as a security awareness tool.
Sat. 9 June 2007 (09h->13h)/CRP Data capture and honeypot. An attacker perspective to network and computer security. Review of the potential project. data capture support Learning from the attackers support

Sessions - Additional Support


You may find that the subject is too experimental and not yet mature for real-life application. If you have any issue with the course (including the way I teach it), don't hesitate to talk about as soon as possible.