### Spanish Honeynet Project ### ver 1.3 Updated: 28 October, 2004 === MEMBERS PREREQUISITES === PURPOSE: -------- Outline what the Spanish Honeynet Project is, its goals, requirements, and how it operates. SUMMARY: -------- The Spanish Honeynet Project is a non-profit research organization of security professionals dedicated to information security focused on the research of Honeynet technologies. We have no products, services or employees, and our research is done on a volunteer basis. It is our goal to learn the tools, tactics, and objectives of the blackhat community and share these lessons learned. It is hoped that our research will benefit both its members and the security community. All of our work is OpenSource and shared with the security community. Our intend is to support the security community in any of the following three ways: -- Raise Awareness To raise awareness of the threats and vulnerabilities that exists in the Internet today. We raise awareness by both demonstrating the vulnerability of real systems in the wild through the use of honeypots and by publicizing our investigations (and that of the Honeynet Project as a whole) through conferences and talks to Spanish-speaking technical audiences. The project members have participated in the FIST Conferences, and in technical courses in some of Spain's universities (ETSIT-UPM, and UCLM). Other valuable means for raising awareness includes developing "Forensic Challenges". The project members have participated in the organization of the Spanish Forensic Challenges in cooperation with other institutions interested in honeypots and forensics such as RedIris, and have also organized the Scan of the Month Challenge #32 of the Honeynet Project. -- Teach and Inform For those in the community who are already aware and concerned, we hope to give you the information to better secure and defend your resources. Historically, intelligence about attackers has been limited to the tools they use. The Spanish Honeynet Project intends on providing additional interesting information. For example, their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. The Spanish Honeynet Project is committed to providing information in two ways: either through whitepapers developed by the members of the project after the investigation of our honeypots or through the translation to Spanish of content provided by other members of the Honeynet Alliance. The Spanish Honeynet Project has already translated most of the content of previous investigation and has coordinated it, within the framework of the Honeynets in Spanish project. The Spanish Honeynet Project will also provide up-to-date information to Spanish most recognized technical magazines in the security arena, and will publish its findings through them to inform security professionals of its findings. -- Research The Spanish Honeynet Project will help other interested organizations, such as technical universities, in developing their own ability to research threats or adversaries. It will also establish contact with IT security research departments in Spanish universities and other government organizations in order to deploy and maintain honeynet works outside the Project's own network. This will provide additional information that will be analyzed by the project. Specific contacts will also be introduced with some technical organizations including Red.es (Antivirus alert network) and the AUI (Pepi-II Anti-Spam campaign) when researching service-oriented honeypots. Any individuals or organizations interested to share experiences in Honeynet technologies are encouraged to join the Spanish Honeynet Mailing List (either in English or Spanish language). REQUIREMENTS: ------------ We welcome any individuals or organizations who are interested in becoming a part of this group's research and activities. We accept either Spanish or English spoken members. We are specially interested in having contact with research groups (Universities, Providers, etc.), either those already working or familiarized with Honeynet technologies or those merely concerned with Internet attacks and their effects (fraud, spam, worms, etc.). We would be pleased to offer any technical help, capture probes, etc. to improve their overall security and knowledge of the Internet threats. Any individual or organization may apply to the Spanish Honeynet Project as long as they meet the following requirements. - They are or belong to a legitimate or recognized organization. - They have studied/developed and deployed or are in the process of studying/developing and deploying honeynets. - Must have a designated representative to represent the organization for the Spanish Honeynet Project. - Organization/individual must have a PGP key. - Organizations/individuals are expected to play an active role in the Project. An organization/individual that is not taking any active role will be given a warning after three months of inactivity. After six months of inactivity, the organization/individual will be asked to step down from the Project. All comments, suggestions, or corrections should be sent to project@honeynet.org.es. --- The Spanish Honeynet Project