vinmittal / SecurityTrainingPub

Research article mentioned in task list of week 1 #8

Open Akshayanti opened 8 years ago

Akshayanti commented 8 years ago

I read the paper on honeywords mentioned in the repository for tasks under week 1. I think it's really easy to implement the same. However, it would be good to have someone work with me. Anyone interested?

Akshayanti commented 8 years ago

@Anushagupta17 wants to work on this one.

Anyone else willing to lend a hand? Please notify by 23:59 PM (IST) on October 3, 2015.

vinmittal commented 8 years ago

I would suggest that Rishab (@Freak8567) can potentially participate. Reason being that there is no LDAP implementation for this concept. So what should happen is that when people try to authenticate with pamldap, with honeywords accounts they should get an error. Look at the script provided by the author at https://people.csail.mit.edu/rivest/honeywords/ and play with the script as well.

vineet

harshdattani commented 8 years ago

I would like to work on this.

vinmittal commented 8 years ago

There is more to it than meets the eye; I would encourage that the team set up a joint meeting to discuss this paper. This ppt here might help everyone: https://people.csail.mit.edu/rivest/pubs/BR14.pptx

Akshayanti commented 8 years ago

@harshdattani and @Anushagupta17, you are requested to please go through the paper and suggest any changes that might be possible in the proposed system. This can be very well developed into a research paper once we are able to implement the same and then we can use offensive security for stats on effectiveness of the implementation.

Freak8567 commented 8 years ago

I am in...

Akshayanti commented 8 years ago

@Freak8567 you are requested to do the same as mentioned in the previous comment.

rushibmehta commented 8 years ago

@Akshayanti Bruteforcing with common username-password is widely used nowadays. A newer approach to catch the 'crackers' will be to float various Honey Usernames and Passwords on popular 'Hacking Tips' giving sites and forums.

From there, the 'crackers' take the username and try to enter into the servers, thereby alarming an intrusion. We can catch the intruders in this way.

Akshayanti commented 8 years ago

That sounds like a good idea. But to do that, we need a bot that can do that since it's not possible to do the same by manual effort. That can be included.

I have one question though, should we be worried about catching people trying to brute force their way in? Because we all have done that at some point of time when we have forgotten the password or tried to search for a license key for some software. Perhaps @vinmittal sir can throw some light on this issue?

harshdattani commented 8 years ago

@vinmittal @rushibmehta @Akshayanti I have created a demo script which tries to implement the paper on honey passwords; give it a try as per the documentation. https://github.com/vinmittal/SecurityTrainingPub/tree/master/Research1/Scripts

rushibmehta commented 8 years ago

@harshdattani @vinmittal @Akshayanti Great work, Harsh. Too quick to implement!

I have figured out a method to exploit the HoneyPassword Technique. Honey Password uses common passwords like 'password', 'admin' and so on to store in database.

Being a hacker, I would love to make false positives. What if I purposefully enter 'password' and similar kind of honeywords? This will keep on and on alarming the Admin!

Any solution?

Freak8567 commented 8 years ago

We should schedule a meeting for further discussion.

vinmittal commented 8 years ago

I think frequent alerts are not a problem; the real problem in a SOC is not knowing where the breach is, which is what is happening most of the time. We do not have good enough systems that can detect the breaches. I like Harsh's quick script using Python; the problem still remains that we need to find a way to hook this up with the Linux OS. We also need this inside the LDAP. Any progress on that?

You may not see the advantage in a single OS, but in a cloud, as Rushi observed, there were thousands of attempts to get on my machine. Imagine if you have thousands of Linux OSes running inside the cloud; to find where the anomaly is in real time could be really troublesome. Honeypasswords do help but of course they are not the cure for everything ;)
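
Added example, not part of the thread and not the demo script linked above: a minimal sketch of the honeyword check from the Juels and Rivest paper this issue refers to, with a separate honeychecker that knows only which stored entry is the real password. The class names, the sample account and the sweetwords are constructed for illustration; the third login shows that a guess outside the user's own sweetword list is an ordinary failed login, not an alarm.

```python
import hashlib, hmac, os, secrets

def slow_hash(word: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, 100_000)

class HoneyChecker:
    """Separate, hardened service: holds only the index of the real password."""
    def __init__(self):
        self._real_index = {}
        self.alarms = []          # users whose honeyword was submitted

    def set(self, user, index):
        self._real_index[user] = index

    def check(self, user, index):
        if self._real_index[user] == index:
            return True
        self.alarms.append(user)  # a honeyword matched: password file likely stolen
        return False

class LoginServer:
    """Stores hashes of all sweetwords; cannot tell which one is real."""
    def __init__(self, checker):
        self.checker, self.db = checker, {}

    def enroll(self, user, password, honeywords):
        if password in honeywords:
            raise ValueError("honeywords must differ from the real password")
        sweetwords = honeywords + [password]
        secrets.SystemRandom().shuffle(sweetwords)
        salt = os.urandom(16)
        self.db[user] = (salt, [slow_hash(w, salt) for w in sweetwords])
        self.checker.set(user, sweetwords.index(password))

    def login(self, user, attempt):
        salt, hashes = self.db[user]
        candidate = slow_hash(attempt, salt)
        for i, stored in enumerate(hashes):
            if hmac.compare_digest(stored, candidate):
                return "ok" if self.checker.check(user, i) else "alarm"
        return "fail"             # not a sweetword: plain wrong password

def demo():
    checker = HoneyChecker()
    server = LoginServer(checker)
    # Constructed sample account and honeywords (tweaked variants of the password).
    server.enroll("alice", "tr0ub4dor&3", ["tr0ub4dor&7", "tr1ub4dor&3", "tr0ub5dor&2"])
    results = [server.login("alice", p) for p in ("tr0ub4dor&3", "tr0ub5dor&2", "password")]
    return results, checker.alarms

if __name__ == "__main__":
    print(demo())
```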