SlideShare a Scribd company logo

LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to detect WannaCry Worm

Indonesia Network Operators Group
Indonesia Network Operators Group

Dionaea is a low-interaction honeypot that simulates network services to attract attackers. The document discusses Dionaea's old and new simulated services, including FTP, HTTP, MongoDB, MQTT, MSSQL, MySQL, PPTP, SIP, SMB, TFTP, and UPnP. It also mentions how Dionaea detected the WannaCry attack by emulating the vulnerable SMB service exploited by WannaCry. Honeypots are useful because they allow monitoring of attacker behaviors that cannot be detected by intrusion detection systems.

Internet
1 of 10
Download to read offline
ID NOG Charles Lim Mario Marcello Next Gen Dionaea Honeypot
Honeypot • A Honeypot is – systems that are designed to be exploited, whether through emulated vulnerabilities, real vulnerabilities, or weaknesses. “Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.” Source: Malware Analyst Cookbook
Honeypot • Two types of Honeypot: – Low Interaction • Simulate most frequent services requested by attackers • E.g. Dionaea, Kippo, Honeytrap – High Interaction • Imitate the activities of the real systems that host a variety of services • E.g. HiHAT • Virtual Machine is commonly used for ease of maintenance
Honeypot – Why? • We have used IDS in the past – What we have learned: • Only known attacks are detected • Unknown attacks are not detected • Many false positives (if not properly tuned) • We use honeypot to: – Understand what is the attacker is doing, i.e. behavior of the attack – Both Low interaction & High Interaction have their own advantages and disadvantages
Services (Old Dionaea Honeypot) • SMB • HTTP/HTTPS • FTP • TFTP • MSSQL • MySQL • SIP
New Services available in next gen Dionaea Honeypot • EPMAP • FTP • HTTP • MongoDB • MQTT • MSSQL • MySQL • PPTP • SIP (VoIP) • SMB • TFTP • UPnP
Cyber Attack Statistic by KOMINFO supported by HONEYNET
Deploy Honeypot
Detecting WannaCry Dionaea open SMB service and allow the vulnerability to be exploited (remote may run exec and ping command via DoublePulsar)
References • http://www.honeynet.org/node/1353 • https://dionaea.readthedocs.io

Recommended

Honeypot
HoneypotHoneypot
HoneypotKirtiGoyal25
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deceptionmilad saber
 
Honeypot a trap to hackers
Honeypot a trap to hackersHoneypot a trap to hackers
Honeypot a trap to hackersBhaskarasai Chitturi
 
Burns Sheehan Security Event
Burns Sheehan Security EventBurns Sheehan Security Event
Burns Sheehan Security EventBurns Sheehan
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...Edureka!
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingS Sai Karthik
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingWinay Choudhary
 
Final ethical hacking
Final ethical hackingFinal ethical hacking
Final ethical hackingVinayakShivapuje
 

Recommended

Honeypot
HoneypotHoneypot
HoneypotKirtiGoyal25
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deceptionmilad saber
 
Honeypot a trap to hackers
Honeypot a trap to hackersHoneypot a trap to hackers
Honeypot a trap to hackersBhaskarasai Chitturi
 
Burns Sheehan Security Event
Burns Sheehan Security EventBurns Sheehan Security Event
Burns Sheehan Security EventBurns Sheehan
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...Edureka!
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingS Sai Karthik
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingWinay Choudhary
 
Final ethical hacking
Final ethical hackingFinal ethical hacking
Final ethical hackingVinayakShivapuje
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingGarla Prajwal
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingAryan Saxena
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingMukul Agarwal
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber securityankit gandharkar
 
Honeypot
HoneypotHoneypot
Honeypotumarani95
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingNamrata Raiyani
 
Ethical Hacking Services
Ethical Hacking ServicesEthical Hacking Services
Ethical Hacking ServicesVirtue Security
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basicsMeenesh Jain
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingBugRaptors
 
Introduction of Cyber Security
Introduction of Cyber SecurityIntroduction of Cyber Security
Introduction of Cyber Securitypenetration Tester
 
Intro
IntroIntro
IntroKalkey
 
Ethical Hacking
Ethical Hacking Ethical Hacking
Ethical Hacking Harshit Upadhyay
 
Keyloger & spyware
Keyloger & spyware Keyloger & spyware
Keyloger & spyware KashifKhan417
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)rishirvk1995
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakaleAakash Takale
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical HackingAkshay Kale
 
Ehtical hacking speech
Ehtical hacking speechEhtical hacking speech
Ehtical hacking speechtalhaabid
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAlapan Banerjee
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hackingWaseem Rauf
 
Honeypots.ppt
Honeypots.pptHoneypots.ppt
Honeypots.pptBhanuriBharathkumar
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynetsRasool Irfan
 

More Related Content

What's hot

Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber securityankit gandharkar
 
Ethical Hacking Services
Ethical Hacking ServicesEthical Hacking Services
Ethical Hacking ServicesVirtue Security
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basicsMeenesh Jain
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingBugRaptors
 
Introduction of Cyber Security
Introduction of Cyber SecurityIntroduction of Cyber Security
Introduction of Cyber Securitypenetration Tester
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakaleAakash Takale
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical HackingAkshay Kale
 
Ehtical hacking speech
Ehtical hacking speechEhtical hacking speech
Ehtical hacking speechtalhaabid
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hackingWaseem Rauf
 

What's hot (20)

Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber security
 
Honeypot
HoneypotHoneypot
Honeypot
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical Hacking Services
Ethical Hacking ServicesEthical Hacking Services
Ethical Hacking Services
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basics
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Introduction of Cyber Security
Introduction of Cyber SecurityIntroduction of Cyber Security
Introduction of Cyber Security
 
Intro
IntroIntro
Intro
 
Ethical Hacking
Ethical Hacking Ethical Hacking
Ethical Hacking
 
Keyloger & spyware
Keyloger & spyware Keyloger & spyware
Keyloger & spyware
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakale
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Ehtical hacking speech
Ehtical hacking speechEhtical hacking speech
Ehtical hacking speech
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hacking
 

Similar to LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to detect WannaCry Worm

Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynetsRasool Irfan
 
Honey po tppt
Honey po tpptHoney po tppt
Honey po tpptArya AR
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.pptDetSersi
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynetSina Manavi
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotShah Sheikh
 
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptxMateri Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptxBernad Bear
 
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...Andrew Morris
 

Similar to LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to detect WannaCry Worm (20)

Honeypots.ppt
Honeypots.pptHoneypots.ppt
Honeypots.ppt
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynets
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot Basics
Honeypot BasicsHoneypot Basics
Honeypot Basics
 
Honey po tppt
Honey po tpptHoney po tppt
Honey po tppt
 
Honeypot
Honeypot Honeypot
Honeypot
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.ppt
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honey net
Honey netHoney net
Honey net
 
Honey pots
Honey potsHoney pots
Honey pots
 
Honeypot ss
Honeypot ssHoneypot ss
Honeypot ss
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
 
Honey pot day 1
Honey pot day 1Honey pot day 1
Honey pot day 1
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
 
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptxMateri Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
 
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
 
IS-honeypot.pptx
IS-honeypot.pptxIS-honeypot.pptx
IS-honeypot.pptx
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot
HoneypotHoneypot
Honeypot
 

More from Indonesia Network Operators Group

LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your networkLT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your networkIndonesia Network Operators Group
 
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...Indonesia Network Operators Group
 
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive! 09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive! Indonesia Network Operators Group
 
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...Indonesia Network Operators Group
 
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven InnovationIndonesia Network Operators Group
 
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...Indonesia Network Operators Group
 
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...Indonesia Network Operators Group
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLANIndonesia Network Operators Group
 
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOGIndonesia Network Operators Group
 
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...Indonesia Network Operators Group
 
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...Indonesia Network Operators Group
 
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...Indonesia Network Operators Group
 
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The FutureIndonesia Network Operators Group
 

More from Indonesia Network Operators Group (20)

LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your networkLT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
 
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End UsersLT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
 
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
 
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive! 09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
 
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
 
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
 
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
 
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
 
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
 
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
 
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
 
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
 
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
 
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
 
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
 
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
 
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
 
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
 

Recently uploaded

Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiEscorts Call Girls
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...SUHANI PANDEY
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 

Recently uploaded (20)

Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls Dubai
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
 

LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to detect WannaCry Worm

  • 1. ID NOG Charles Lim Mario Marcello Next Gen Dionaea Honeypot
  • 2. Honeypot • A Honeypot is – systems that are designed to be exploited, whether through emulated vulnerabilities, real vulnerabilities, or weaknesses. “Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.” Source: Malware Analyst Cookbook
  • 3. Honeypot • Two types of Honeypot: – Low Interaction • Simulate most frequent services requested by attackers • E.g. Dionaea, Kippo, Honeytrap – High Interaction • Imitate the activities of the real systems that host a variety of services • E.g. HiHAT • Virtual Machine is commonly used for ease of maintenance
  • 4. Honeypot – Why? • We have used IDS in the past – What we have learned: • Only known attacks are detected • Unknown attacks are not detected • Many false positives (if not properly tuned) • We use honeypot to: – Understand what is the attacker is doing, i.e. behavior of the attack – Both Low interaction & High Interaction have their own advantages and disadvantages
  • 5. Services (Old Dionaea Honeypot) • SMB • HTTP/HTTPS • FTP • TFTP • MSSQL • MySQL • SIP
  • 6. New Services available in next gen Dionaea Honeypot • EPMAP • FTP • HTTP • MongoDB • MQTT • MSSQL • MySQL • PPTP • SIP (VoIP) • SMB • TFTP • UPnP
  • 7. Cyber Attack Statistic by KOMINFO supported by HONEYNET
  • 9. Detecting WannaCry Dionaea open SMB service and allow the vulnerability to be exploited (remote may run exec and ping command via DoublePulsar)