Sharma happens to be the co-founder of Ethical Hacking forum, Hackers Garage.

Sumit recently gave talk at NullCon Goa entitled “Capturing Zero-Day Information”, by leveraging on honeypots.

So Sumit how long you have been working on this stuff?

I have been into IT security for past 5+ years with 4 years of Penetration Testing experience.

You also happen to be a member of the IndianHoneynet Project.Tell us about it.

The Indian Honeynet Project (IHN) is aimed towards researching worms and botnets. Aside from that, in the past few years we have been successful in trying to set up lots of web honeypots.

We have proposed projects in Mumbai, Pune, Delhi, Raipur and Bangalore in India.

“Capturing Zero-Day Information!” Tell us how do you do that?

We have been doing research on designing a high-interaction web spider, which would help us identifying unknown threats on the internet. Our research project has been successfully tested with the least number of false positives.

Apart from capturing unknown threats we have been tracking spam, web shells etc..

On a daily basis, we:

  • Collect new samples (binaries) for analysis.
  • Collect new web backdoor shells for analysis.
  • Collect information on what web attacks are trending.
  • Collect list of spamming IP addresses.
  • Track andtrace spamming campaigns.
  • Collect new malicious URLs involved in phishing attacks.
  • Track andtrace botnets.

Can you provide us some of the spam statistics?

How can the capture information be made useful?

Apart from statistics, we can use the information for IDS rules, Firewall filters and anti-virus signatures.One can also collaborate with ISPs for IP blacklisting.Most importantly this information is much useful for sinkholing.

Can you please provide us some of the honeynet statistics?

Want to learn more?? The InfoSec Institute Ethical Hacking course goes in-depth into the techniques used by malicious, black hat hackers with attention getting lectures and hands-on lab exercises. While these hacking skills can be used for malicious purposes, this class teaches you how to use the same hacking techniques to perform a white-hat, ethical hack, on your organization. You leave with the ability to quantitatively assess and measure threats to information assets; and discover where your organization is most vulnerable to black hat hackers. Some features of this course include:

  • Dual Certification - CEH and CPT
  • 5 days of Intensive Hands-On Labs
  • Expert Instruction
  • CTF exercises in the evening
  • Most up-to-date proprietary courseware available