So, now that the semester will be starting soon, I want to get some action items off the ground while I have (some) time. Mainly:
- Get my own honeypot(s) working so I can see what is out in the wild, especially what’s attacking MITnet (the 18.X.X.X subnet). I’m planning to use nepenthes or Dionaea, low interaction honeypot tools, on an old iPod touch with the MobileTerminal emulator on it. I might use my Raspberry Pi as an HTTP server for uploads from the iPod, since it’s a bit weak/slow for constant access. If the iPod can’t handle nepenthes, I can run the honeypot on the Pi, but I would prefer to have some use for this old thing. I’ve been wanting to do this for a bit, and I’m not sure if it’s possible, but it’s worth a try.
- Perform full analysis of a malware sample from current trackers. It’s time to look at some malware from the wild rather than from books and courses (although that malware was, of course, originally in the wild).
Stay tuned for the blog post follow-up for these goals!