Friday, March 25, 2011

Nepenthes on FreeBSD

I just installed FreeBSD 8.2 on my old laptop, since I can't find a buyer yet (it's cheap by the way, only RM500! COD anywhere if you wanna buy from me). Basically I know that FreeBSD sockets work differently from Linux, so some of the work done on the Dionaea honeypot can't be ported directly to FreeBSD.

So now I use the Nepenthes port on FreeBSD. The installation wasn't difficult if you're using the prebuilt package, just:
pkg_add -rv nepenthes

or go to /usr/ports and run make search name=nepenthes to find the port, so you can later run make install clean.

On FreeBSD, however, Nepenthes will not work right away, since it cannot find the var directory within /usr/local.

So basically, you can simply

mkdir -p /usr/local/var/binaries
mkdir -p /usr/local/var/hexdumps

since that is how the paths are set in etc/nepenthes.conf.

For me, since I want to send my malware collection info to the mwcollect Alliance, what I have to do is add the following line:


  "submitmwserv.so",               "submit-mwserv.conf",       ""

And your nepenthes should work. 
However this tutorial isn't complete by itself, unlucky for you since I am lazy.
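
A preflight check for the steps above, as an added example that is not part of the original post. The function name, its arguments and the treatment of lines starting with // as commented-out entries are assumptions; pass it your install prefix and the path to your nepenthes.conf.

```sh
#!/bin/sh
# Added example: verify the two fixes from the post before starting Nepenthes.
# Assumptions (not from the original post): the function name and arguments,
# and that a line beginning with "//" is a commented-out config entry.

# nepenthes_preflight PREFIX CONF
# Prints one line per problem and returns the number of problems found.
nepenthes_preflight() {
    prefix=$1
    conf=$2
    problems=0

    # The post creates these two directories under PREFIX/var.
    for d in binaries hexdumps; do
        if [ ! -d "$prefix/var/$d" ]; then
            echo "missing directory: $prefix/var/$d"
            problems=$((problems + 1))
        fi
    done

    # Without a readable config we cannot check the module entry at all.
    if [ ! -r "$conf" ]; then
        echo "cannot read config: $conf"
        return $((problems + 1))
    fi

    # The submission module counts as enabled only if its line is present
    # and not commented out; a commented entry means samples are captured
    # but never submitted.
    if ! grep -v '^[[:space:]]*//' "$conf" | grep -q '"submitmwserv\.so"'; then
        echo "submitmwserv.so is not enabled in $conf"
        problems=$((problems + 1))
    fi

    return "$problems"
}

# Usage: nepenthes_preflight /usr/local /path/to/nepenthes.conf
```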

Monday, March 7, 2011

CECOS V Kuala Lumpur, April 2011

Hi,

The Anti-Phishing Working Group (APWG) will be organizing an annual event called CECOS (which stands for Counter E-crime Operations Summit) in Kuala Lumpur. If you are a student, government staff, legal officer or an academician like me, there is a significant discount on the entrance fee. If you're presenting a paper, that's better - the fee will be waived.


More info regarding the fee, here