Honeynet Project

Honeynet Project Launches ‘Ghost’ To Snare USB Malware

The Honeynet Project launched a new project Thursday that is designed to snare malware that spreads by infecting removable USB (universal serial bus) storage drives, citing the increased reliance of malicious programs on portable drives to move from computer to computer.

As the world prepares for the complete destruction of the Internet tomorrow when the Conficker worm makes a small change in its communication protocol, a voice of reason has emerged from the wilderness. The Honeynet Project on Monday released a paper with a detailed analysis of the worm as well as some weaknesses in its design that allow for identification of infected machines.

Just days ahead of an April 1st activation date for the Conficker worm, a pair of security researchers from the Honeynet Project have scored a major breakthrough, finding a way to remotely and anonymously fingerprint the malware on infected networks.
Now, with the help of Dan Kaminsky and Rich Mogull, off-the-shelf network scanning vendors, including the freely available nmap, have the ability to quickly detect Conficker infections.

By Robert Lemos, SecurityFocus
A number of security-focused open-source projects have announced their participation as mentoring organizations in Google’s Summer of Code [google.com].
They include the NMap Project, the OpenSSH project and the Honeynet Project.
Read the full article [securityfocus.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.