honeynet project

Mission

Our mission is to conduct research into current hacker tactics and methodology and to strengthen our students knowledge in the areas of illicit computer activities, current trends in hacker activities, incident response and forensics.

About Honeynets

A Honeynet is a type of honeypot. Specifically, it is a high-interaction honeypot designed to capture extensive information on threats. High-interaction means a Honeynet provides real systems, applications, and services for attackers to interact with (as opposed to low-interaction honeypots such as Honeyd, which provide emulated services and operating systems). It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a Honeynet different from most honeypots is that it is an entire network of systems. Instead of a single computer, a Honeynet is a network of systems desinged for attackers to interact with. These victim systems (honeypots within the Honeynet) can be any type of system, service, or information you want to provide.

“Know Your Enemy: Honeynets.” Honeynet Project. 12 November 2003.

To learn more about Honeynets or the Honeynet project please visit the Honeynet Project’s website at http://www.honeynet.org.

Current Activities

C-SAIT’s Gen II Honeynet first went live in 2004. In 24 hours of operation over 50,000 packets traversed our network. Our current network topology contains server, the honeywall which is running on a 3 Ghz computer with 1 gig of ram, a Cisco Catalyst 3550 switch and a Cisco 2600 router. We plan to bring a Linux based server online soon to expand our research capabilities.