Nepenthes -finest collection- / News: Recent posts

nepenthes -finest collection- 0.1.7 release

Nepenthes is a low interaction honeypot designed to catch and store worms.

The main focus for this release was getting the shellcode signatures into a text file, so you don't have to recompile to add shellcodes.

This removed some redundancy in the signatures, and gives better results.

Apart from this, there is now support for Prelude, thanks to Harald Lampesberger for fixing the code.
There is a new module to emulate some bugs in Windows FTP daemons; Harald Lampesberger contributed this to check whether the statement about how easy it was to write a module was true...

Posted by Nepenthes Development Team 2006-04-23

nepenthes - the finest collection - 0.1.6 release

Nepenthes is a low interaction honeypot designed to catch and store worms. The new version 0.1.6 offers some *major* improvements in recognizing shellcodes and compiling the code on different platforms and operating systems.

Making use of the sourceforge.net compile farm, we were able to verify code builds on
* SuSE 9 Enterprise on PowerPC
* Fedora Core 3 on AMD64
* OpenBSD 3.8 on x86
* NetBSD 2.0.2 on x86
* Debian 3.1 on x86...

Posted by Nepenthes Development Team 2006-01-19

nepenthes 0.1.5 release

Nepenthes is a low interaction honeypot designed to emulate known vulnerabilities to be able to capture worms.

The new release adds support for the MS05-051 vulnerability in Microsoft Windows and is able to catch worms using this weakness (for example Dasher.b).

Refer to the documentation on http://nepenthes.sourceforge.net/ for more information on how it works.

Check the CHANGELOG for a more detailed report of what's different.

Posted by Nepenthes Development Team 2005-12-18

nepenthes -finest collection- 0.1.4 release

By emulating widespread vulnerabilities, Nepenthes is able to catch and store viruses and worms using these vulnerabilities.

The 0.1.4 release includes some fixes for flaws that showed up in 0.1.3 and includes some new bindshell parsers as well as an improved XOR handling.

Worth an update.

Refer to the changelog for a complete description.

https://sourceforge.net/projects/nepenthes

Posted by Nepenthes Development Team 2005-12-06

nepenthes 0.1.3 release

By emulating widespread vulnerabilities, Nepenthes is able to catch and store viruses and worms using these vulnerabilities.

Version 0.1.3 fixes some bugs, offers some more shellcode handling, adds emulation for the DameWare exploit, and ships with the log-surfnet module to create a SURFnet intrusion detection system (http://ids.surfnet.nl).
The documentation was improved and a manual was written.

It's worth updating.

Posted by Nepenthes Development Team 2005-11-23

nepenthes - finest collection - 0.1.1 released

By emulating widespread vulnerabilities, Nepenthes is able to catch and store viruses and worms using these vulnerabilities.

The new release includes emulation for the PnP exploit by house of dabus (as used by, for example, the ZOTOB worm), some minor/major bugfixes, and an XML-RPC powered module and server to submit and store files in a central place for all your nodes.

The whole build process uses automake now and compiles fine on Linux, FreeBSD (5) and Mac OS X...

Posted by Nepenthes Development Team 2005-08-31

cvs updated, project homepage set up

The homepage works now. The documentation is still incomplete, but downloading, compiling and configuring nepenthes is described quite well.

The CVS repository got synced today. Some of the major new features:

- vuln-mssql ( MS02-039 )
- vuln-netdde ( MS04-031 )
- vuln-msmq ( MS05-017 )
- vuln-upnp ( MS01-059 )
- vuln-iis ( MS03-007 MS03-051 MS04-011 )
- vuln-asn1 ( MS04-007 )

- the core got ported to win32 (at least major parts)
- RAW Socket support (works on w32 as well)
- x-7, RAW Socket example...

Posted by Nepenthes Development Team 2005-07-13