- IPv4 Honeyd Analysis
- Network Technologies Department of ULAKBIM (Turkish Academic Network and Information Center) operates Turkish National Research and Education Network (ULAKNET) made up of 100.000 lecturers and research assistants, and more than 2.500,000 higher education students. An instance of Honeyd honeypot is used with a blackhole within ULAKNET. Honeyd provides only IPv4 services and gets attacks based on IPv4. All honeyd logs are directed to central computer and analyzed periodically. Daily and hourly stastics graphs are generated according to attacking networks and Ports. On the other hand, only daily graphs are generated for attacking countries, IPs and operating systems.
You can access IPv4 honeyd statistics via : http://istatistik.ulakbim.gov.tr/balkupu/
- IPv6 Honeypot "KOVAN"
Kovan is an IPv6 honeypot project. It is developed under the Design of National IPv6 Infrastructure and Transition to IPv6 Protocol project. Kovan is a virtual honeypot framework that mimics a real network behavior to attract attackers. Virtual honeypot idea is feasible for system holders because their system requirement is fewer compared to real systems. In addition, virtual honeypots are more attractive in the view of attackers because a "real looking" network topology can be implemented more easily. Kovan extensively utilizes virtual networking concept to provide a working environment for upper level honeypots such as Argos and Nepenthes.
- Automated (DNS) Record Identifier "ARI"
- ARI (Automated Recource Identifier) is an multithread DNS query tool. Given a root domain name, a character space (alphabet) and min/max word lengths, ARI queries all possible subdomain names. ARI is designed to utilize parallelism concept; it is multithreaded and can be used on a set of computer in parallel. Source code can be accessed via sourceforge: http://sourceforge.net/projects/dnsari/
- DNS Fingerprint Fakener
- DNS Fingerprint Fakener is a proof-of-concept code for creating fake services with different versions. Fakener reverses the fingerprint rules of fpdns ( http://code.google.com/p/fpdns/ ) application. This project is the first step for advanced fingerprint fakener applications. We are planning to develop a advanced fakener that can take any rule and reverse it.