- What are Honeypots and why do I want them? (19 Jun 2020)
Honeypots can provide valuable insights into the threat landscape, both on the open internet and in your internal network. Deploying them correctly is not always straightforward, and neither is interpreting the activity they record.
- Building a Cuckoo Sandbox on ESXi (26 Jun 2018)
As there are some honeypots and miscellaneous mail accounts that collect spam and malware, I am in need of a secured environment that is capable of running and dynamically analyzing the collected payloads.
There are many commercial services available, e.g. VMRay or Hybrid Analysis, but there is also an open-source contender: Cuckoo Sandbox.
- Lab Overview (12 Jun 2018)
As I am building a different approach to IDS from the bottom, I am in need of a proper lab setup.
This post outlines a high-level overview to nurture a basic understanding of future architecture decisions.