Posts tagged Honeypots

11 min Honeypots

12 Days of HaXmas: Beginner Threat Intelligence with Honeypots

This post is the 12th in the series, "12 Days of HaXmas." So the Christmas season is here, and between ordering gifts and drinking Glühwein [https://en.wikipedia.org/wiki/Mulled_wine#German_and_Austrian_Gl.C3.BChwein], what better way to spend your time than to sift through some honeypot / firewall / IDS logs and try to make sense of them, right? At Rapid7 Labs, we're not only scanning the internet [https://sonar.labs.rapid7.com/], but also looking at who out there is scanning by making use of ho

2 min Honeypots

Like Playing with Honeypots? Stop Playing, Start Using

Honeypots are machines whose only purpose is to entrap attackers who scan or even hack into them. Honeypots are very powerful for detecting incidents because every interaction with them is illegitimate by definition: honeypots do not host legitimate data or services, so there is no reason for a regular user to interact with them. However, honeypots come with one major drawback: a great many security professionals have told me that they built a honeypot, played around with it, and eventually

1 min Open Source

Webcast: Playing in the Sandbox - Open Source Tools for Threat Intelligence

If you missed last week's webcast in the Life's a Breach series, I have good news for you: The recording is now available [http://information.rapid7.com/open-source-tools-for-threat-intelligence-on-demand.html?LS=1315242&CS=web]. In this webcast, Claudio Guarnieri, security researcher with Rapid7 and creator of Cuckoo Sandbox, shows what we can learn from analyzing malware that has been caught with honeypots. By watching this webcast you will learn: * How to actively collect and analyze thr