CERT.br Computer Emergency Response Team Brazil
CGI.br NIC.br
honeypots for Threats and Abuse passive Reconnaissance and information Gathering
honeyTARG Honeynet Project

The honeyTARG Honeynet Project, led by CERT.br, is a Chapter of the Global Honeynet Project focused on using low-interaction honeypots to gather information about the Internet infrastructure's abuse by attackers and spammers.

Currently we have the following projects:

  • Spampots Project
  • Distributed Honeypots for Attack Trend Analysis

SpamPots Project

The Spampots Project uses low-interaction honeypots to gather data related to the abuse of the Internet infrastructure by spammers. The main goals are:

  • measure the problem from a different point of view: abuse of infrastructure X spams received at the destination
  • help develop the spam characterization research
  • measure the abuse of network infrastructure to send spam
  • develop better ways to
    • identify phishing and malware
    • identify botnets via the abuse of open proxies and relays


Distributed Honeypots

CERT.br maintains the Distributed Honeypots Project, whose objective is to increase the capacity of incident detection, event correlation and trend analysis in the Brazilian Internet space.

The data produced by the project include

  • Daily summaries to project partners, with detailed information about the traffic observed in each honeypot;
  • A system to notify CSIRTs of networks that generate attacks against the honeypots;
  • The following public statistics:
[Flows]



Flows
Daily statistics for the network flow data directed to honeypots from the Distributed Honeypots Project


[TCP/UDP Port Summary]

TCP/UDP Port Summary
Port summary statistics for TCP/UDP traffic data directed to honeypots from the Distributed Honeypots Project.


Chapter Contributors

  • Cristine Hoepers, D.Sc., <cristine at cert.br>, Chapter Lead
  • Klaus Steding-Jessen, D.Sc., <jessen at cert.br>, Development of Data Capture and Collection Tools
  • Marcelo H. P. C. Chaves, M.Sc., <mhp at cert.br>, Development of Data Collection and Visualization Tools
  • Dionathan Nakamura, M.Sc., <nakamura at cert.br>, Database Design and Development of Visualization Tools
  • Marcus Vinicius Lahr Giraldi, M.Sc. candidate, <marcus at cert.br>, Malware Analysis
  • Dorgival Olavo Guedes Neto, PhD, <dorgival at dcc.ufmg.br>, Spam Data Mining Research
  • Wagner Meira Jr., PhD, <meira at dcc.ufmg.br>, Spam Data Mining Research
Valid
XHTML 1.0! Valid CSS! CERT.br
$Date: 2014/04/15 15:10:00 $