From: Tillmann Werner <tillmann.werner@gm...> - 2007-10-27 11:58:03
Honeytrap has just been released in version 1.0.0.
As the core system was deeply restructured, this is a new major release.
Honeytrap 1.0.0 comes with a totally revised configuration concept which
makes module handling much more flexible. The system was also redesigned
to put more tasks into modules. Analysis plugins can now create "virtual
attacks" which can be further processed with other plugins. This release
also introduces 3 new plugins:
o htm_httpDownload invokes external programs to retrieve files via HTTP
o htm_ClamAV scans downloaded binaries using the ClamAV engine
o htm_SaveFile stores attack information in directories on a hard drive
ChangeLog for honeytrap 1.0.0:
- Improved configure script
- New plugin: Basic http download wrapper
- VNC plugin redesigned to generate virtual attacks
- Safe signal delivery and handling using per-process pipes
- New configuration concept with hierarchically organized file format
- Default port configuration can be set to "ignore", "normal" or "mirror"
- New plugin: libclamav-based virus scanner module
- New plugin: Saving attack data in files is performed by a module now
- malloc(NULL) segfault bug in tftpDownload plugin fixed
- Try to download from the attacking host in case of failed ftp connect()s
- Improved connection request handling in the nfq stream monitor
- Reconfiguration on SIGHUP fixed
- Log addressed destination
You can check out version 1.0.0 from the subversion repository:
Full Source archives are also available from SourceForge's download