Virus Blog

Good news everyone =)

We added another 7400 IP addresses to the Amun honeypot to evaluate its behaviour. We now have an average of about 400 simultanous connections and a system load of 1.

Since the we added the additional IP addresses we have downloaded about 90 unqiue binaries. So the average download of new binaries raised from 3-5 per day to about 10-15.

Furthermore we have implemented submission modul support. Currently there exists only one submission modul, namely the submit-md5 modul. It stores the file with md5 hash as filename to local disc.

The Python Honeypot Amun is closing in on its first release. The current version seems to be quite stable and most of the basic modules have been implemented.

Since the 26th of July we have collected 261 unique binaries, as determined by the md5 hash. Amun is running 25 different vulnerability modules listening on 25 different ports. Some of these modules are still experimental and are not fully implemented yet, but most of them work perfectly.

The Honeypot has 500 IP adresses assigned and with about 86 simultanous connections an average load of 0.86 (what a coincidence).