The honeyTARG Honeynet Project, led by CERT.br, is a Chapter of the Global Honeynet Project focused on using low-interaction honeypots to gather information about the Internet infrastructure's abuse by attackers and spammers.
Currently we have the following projects:
- Spampots Project
- Distributed Honeypots for Attack Trend Analysis
The Spampots Project uses low-interaction honeypots to gather data related to the abuse of the Internet infrastructure by spammers. The main goals are:
- measure the problem from a different point of view: abuse of infrastructure X spams received at the destination
- help develop the spam characterization research
- measure the abuse of network infrastructure to send spam
- develop better ways to
- identify phishing and malware
- identify botnets via the abuse of open proxies and relays
CERT.br maintains the Distributed Honeypots Project, whose objective is to increase the capacity of incident detection, event correlation and trend analysis in the Brazilian Internet space.
The data produced by the project include
- Daily summaries to project partners, with detailed information about the traffic observed in each honeypot;
- A system to notify CSIRTs of networks that generate attacks against the honeypots;
- The following public statistics:
Daily statistics for the network flow data directed to honeypots from the Distributed Honeypots Project
TCP/UDP Port Summary
Port summary statistics for TCP/UDP traffic data directed to honeypots from the Distributed Honeypots Project.