honeynet project

News

SAIT Report Affirmed.
FSView Op BRAVO Article.
SAIT joins Operation Bravo.
WFSU Op BRAVO Interview.
SAIT Diebold Review.
SAIT CD13 Report Released
Dr. Yasinsac at NAE’s 2007 Evoting Symposium.

Best viewed with a DHTML & CSS2 comp- atible browser in 1024x768 or higher.

Mission

Our mission is to conduct research into current hacker tactics and methodology and to strengthen our students knowledge in the areas of illicit computer activities, current trends in hacker activities, incident response and forensics.

About Honeynets

A Honeynet is a type of honeypot. Specifically, it is a high-interaction honeypot designed to capture extensive information on threats. High-interaction means a Honeynet provides real systems, applications, and services for attackers to interact with (as opposed to low-interaction honeypots such as Honeyd, which provide emulated services and operating systems). It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a Honeynet different from most honeypots is that it is an entire network of systems. Instead of a single computer, a Honeynet is a network of systems desinged for attackers to interact with. These victim systems (honeypots within the Honeynet) can be any type of system, service, or information you want to provide.: “Know Your Enemy: Honeynets.” Honeynet Project. 12 November 2003.

To learn more about Honeynets or the Honeynet project please visit the Honeynet Project’s website at http://www.honeynet.org.

Current Activities

SAIT Labs’ Gen II Honeynet went live on October 5, 2004. In the first 24 hours of operation over 50,000 packets traversed our network. Our current network topology contains one Win2000 server, the honeywall which is running on a 3 ghz computer with 1 gig of ram, a Cisco Catalyst 3550 switch and a Cisco 2600 router. We plan to bring a Linux based server online soon to expand our research capabilities.