Security Basics mailing list archives

Re: Collecting Malware


From: Adam Pal <pal_adam () gmx net>
Date: Thu, 16 Jul 2009 20:41:21 +0200

Hello Brian,

Depends on what you are looking for; basically you seem to be looking
for a honeypot. Nepenthes can simulate a lot of different
vulnerabilities; maybe you will find it interesting, since it also
collects the attack vectors of malware and logs whatever you set.

There are also some Windows-based honeypots, but I don't know them.

In case you set up a honeypot network and want to log everything that
happens on a different box, have a look at honeywall; it acts like a
transparent box which routes all traffic to the respective box, but logs
a lot (https://projects.honeynet.org/honeywall/)




-- 
Best regards,
 Adam Pal   

Thursday, July 16, 2009, 2:14:01 PM, you wrote:

<==============Original message text===============
BP> I'm looking to get "spammed" or "attacked" so to speak for the purpose
BP> of collecting malware for analysis. I've set up a few vulnerable
BP> machines on my network, made some changes to my router to expose those
BP> machines. I've also signed up for various email addresses in hopes
BP> that something comes (malicious attachments) through that way. My
BP> question is, what is the best way to collect malware, if there is even
BP> one solid method?


<===========End of original message text===========


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

