A Year in the Life of the Irish Honeynet: Attacked, Probed and Bruised but Still Fighting

Article type: Research Article

Authors: Curran, Kevin | Morrissey, Colman | Fagan, Colm | Murphy, Colm | O'Donnell, Brian | Fitzpatrick, Gerry | Condit, Stephen

Affiliations: Internet Technologies Research Group, University of Ulster, Magee Campus, Northland Road, Northern Ireland | Espion Ltd, Dun Laoghaire, Co. Dublin, Ireland | Deloitte & Touche, Earlsfort Terrace, Dublin 2, Ireland

Note: [] Corresponding author. E-mail: [email protected]

Abstract: Viruses, Trojan horses and various types of remote rogue attacks are on the increase. IT security professionals are under increasing pressure to patch their organisations networks. There is a need for up-to-date information on preventing these attacks. The Irish Honeynet Project is an all volunteer, non-profit organisation committed to sharing and learning the motives, tools, and tactics of the hacking community. Once compromised, a honeynet can be used to observe the intruders' activities and behaviour. This allows a detailed analysis of the tools used by the intruders as well as the vulnerabilities used to compromise the honeypots. This paper outlines the technical configuration of a honeynet and presents some of the key attacks on the honeynet to date. It also serves to highlight the importance of a honeynet in detecting internet blackhat activity.

Journal: Information Knowledge Systems Management, vol. 4, no. 4, pp. 201-213, 2004