Research

The NZ Honeynet Project is involved in various research efforts with a current focus on client honeypots. Client honeypots are devices that seek out malicious servers. More information about client honeypots can be found here.

The NZ Honeynet Project has been developing a tool for behavioral software analysis. More information about the analysis tools can be found here.

The NZ Honeynet Project is a contributor to the global distributed honeynet network (GDH). More information about the GDH can be found here.

Publications

Various publications by the Honeynet Project, the so called KYE - Know Your Enemy papers, can be found on the main Honeynet Project page.

Additional publications released by the NZ Honeynet Project and its members are listed below:

Passive DNS Replication: observations at U Auckland
- May 2006

KYE: Malicious Web Servers
- August 2007

Making Effective use of your Network Intrusion Detection System
- 20th November 2006
(click for HTML version)

Analyzing Malicious SSH Login Attempts -, 7th August 2006

After an Exploit: Mitigation and Remediation - 24th July 2006

Building a PHP Honeypot - 20th April 2006 ( HTML version )

Mambo exploit - 8th March 2006 ( HTML version )

Responding to Security Incidents on a Large Academic Network
- 14th Feb 2006 ( HTML version )

SSH Password Guessing - 31st Jan 2006 ( HTML version )