
InfoSec Institute Interview: Sumit Sharma

March 27, 2013 by D12d0x34X

Sumit Sharma is the co-founder of the ethical hacking forum Hackers Garage.


Sumit recently gave a talk at NullCon Goa entitled "Capturing Zero-Day Information", on capturing such information by leveraging honeypots.

So Sumit, how long have you been working on this stuff?

I have been into IT security for the past 5+ years, with 4 years of penetration testing experience.

You also happen to be a member of the Indian Honeynet Project. Tell us about it.

The Indian Honeynet Project (IHN) is aimed towards researching worms and botnets. Aside from that, in the past few years we have been successful in trying to set up lots of web honeypots.

We have proposed projects in Mumbai, Pune, Delhi, Raipur and Bangalore in India.

"Capturing Zero-Day Information!" Tell us, how do you do that?

We have been doing research on designing a high-interaction web spider, which would help us identify unknown threats on the internet. Our research project has been successfully tested with the least number of false positives.

Apart from capturing unknown threats, we have been tracking spam, web shells, etc.

On a daily basis, we:

  • Collect new samples (binaries) for analysis.
  • Collect new web backdoor shells for analysis.
  • Collect information on what web attacks are trending.
  • Collect a list of spamming IP addresses.
  • Track and trace spamming campaigns.
  • Collect new malicious URLs involved in phishing attacks.
  • Track and trace botnets.

Can you provide us some of the spam statistics?

How can the captured information be made useful?

Apart from statistics, we can use the information for IDS rules, firewall filters and anti-virus signatures. One can also collaborate with ISPs for IP blacklisting. Most importantly, this information is very useful for sinkholing.

Can you please provide us some of the honeynet statistics?


D12d0x34X

Rashid Bhat is an Independent Security Researcher as well as a contributor to InfoSec Institute. His areas of expertise include exploitation, malware analysis and reverse engineering. Twitter: http://twitter.com/raashidbhatt