RE: Final Year Project Ideas

["Curt Purdy" <purdy () tecman com>]

Reena Pau wrote:
<snip>
> I have got
> unlimited uni resources (the ecs departemetn is amazing here
> at southampton
> uni)..... so its just a case of getting ideas. I am
> particularly intrested
> in the psychology of hacking...etc

Since you have the resources and are interested in the psychology, why don't
you do a real-world analysis by setting up multiple real and gen2 honeynets
with multiple class C's (that the uni probably has access to), and set them
up with a range of hardening with the hardest ones having an interesting
database.  Make the hardest couple of nets real class C's with real hardened
boxes, as a true l33t haxor might not be fooled by a honeynet.

Then do an analysis of the hardest couple of nets that get compromised.
That will likely assure you of getting a l33t haxor as opposed to kiddies to
do a techno-psycho analysis of.  In a worst-case scenario, you will still
have several kiddies to analyze on the softer nets.  Who knows, you might
even get some internal cracking that will help IT.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke