Archive for the ‘News’ Category


Forensic Challenge 5 – Log Mysteries

Wednesday, September 1st, 2010

The Honeynet Project has recently announced Forensic Challenge 5. This challenge takes you into the world of virtual systems and confusing log data. Figure out what happened to a virtual server using all the logs from a possibly compromised server.


Challenge 5 has been created by Raffael Marty from the Bay Area Chapter, Anton Chuvakin from the Hawaiian Chapter, and Sebastien Tricaud from the French Chapter. It is a bit more open ended than the last challenges.

The questions are a more open ended than past challenges. To score highly, we recommend to answer the following way:

* Accuracy is highly encouraged to get the highest note
* You must explain tools you used and how
* If you use visualization tools such as afterglow, picviz, graphviz, gnuplot etc. explain why this was better (than other tools, than other visualization): such as good timeline representation etc.
* Outline HOW you found things

Submission deadline is September 30th and we will be announcing winners around October 21st. We have a few small prizes for the top three submission.



VoIP Honey, a honeypot for VoIP

Saturday, June 26th, 2010

The guys at Bytecoders have released VoIP Honey, a comprehensible honeypot for VoIP (Voice over IP) networks. VoIP Honey provides a set of tools for building an entire honeynet, thus includes honeywall and honeypot emulating VoIP environments such as Asterisk PBX or OpenSer with fully configurable connections.


To facilitate the work VoIP Honey includes a very nice bash-like command line interface based on ncurses, with history and auto-complete features. Also offers comprehensive well-structured and full configurable debug information.

As the authors say the VoIP Honey project is in a very basic early stage and it is only recommend to use it for testing in a strictly controlled network environments without direct Internet connection (in example Virtual Machines).

Photo by kozumel

Mailing list moved

Monday, March 2nd, 2009

We have moved our mail list location to The new address is

Comments Off


New member

Sunday, March 1st, 2009

We are glad to announce that our group has a new member. He is Pedro Sánchez, a security administrator of “Asociación Técnica de Cajas de Ahorros”.

He has worked in important companies as a security consultant specialized in computer forensics, honeynets, intrusion detection, firewalls, he also holds CISM and CHFI certifications. More details at members page.

Welcome aboard, Pedro! :)