LongTail Honeypot — Adventures in Cybersecurity and Coding
Monday, January 16, 2017 7:30 PM
Marist College, Hancock Center (Building 14 on map), Room 2023. Park just north of Hancock Center, or in parking lot on south-east corner of Route 9 and Fulton Street. We thank Marist College for hosting the chapter's meetings.
This program is free and open to the public. Attendees should RSVP at Meetup.com.
All are welcome to join us beforehand for dinner at the
Palace Diner at 6:00 PM.
Refreshments are served after the meeting.
For further information,
go to Pok.ACM.org (QR code below),
email Bill Collier, or phone 845-522-1971.
About the Topic
LongTail is both a honeypot and a set of programs that analyze ssh brute force login attempts. It not only determines what passwords are being tried, but it also analyzes them based on accounts tried. Where LongTail goes that nobody else currently does is that it groups them into attack patterns, and then attempts to provably group attacking IP addresses into botnets that are controlled by a single person or group of people.
This talk will discuss how the LongTail code collects and analyzes attacks, and will cover some of the coding issues that a single developer faces while creating a new project including the temptations to keep adding new code instead of going back and fixing the old code first.
About the Speaker
Eric Wedaa is currently a CyberSecurity Contractor at Marist College, and a Senior System Administrator at Ferguson Enterprises. He has been involved with Unix system administration since 1987, and has been actively involved with Unix security since 1992.