DESS SSIC 2011/2012 - univ-Metz - MIM

Discovering and Learning Security Threats and Attackers
Using Honeynet/pot Technologies

Rusty fence #33

Course Description

The subject of this course is to use the Honeynet/pot technologies as a tool to discover and learn existing and new threats to networked/distributed information system and better understand attackers behaviour. The course includes a project to build a custom honeypot or related tools to turn the theory into a practical session. The course requires a high involvement from the participants. The student will have access to an operational system during the sessions to operate a real world honeypot.

Project Details

During the period of the course, there will be a specific project to realize. The project is fully integrated into the course sessions that means some topics covered will help to enhance or complete your work.

Project definition and group composition (2 max) should be sent before end of January 2012. Project will be released under a free software license and using one of the following programming language: Python, Perl, Ruby, Go, Lua, Bash or Zsh. As the development of the project will be done on an operational system, the project along with its tools might evolve following the feedback received from the attackers themselves.

Caveats

You may find that the subject is too experimental and not yet mature for real-life application. If you have any issue with the course (including the way I teach it), don't hesitate to talk about as early as possible.

Bibliography