You are here: start

Software at carnivore.it

dionaea

nepenthes

libemu

nebula

liblcfg

MSSQL attacks examined

Simplified version of the world.

Given the number of attacks reported on mssql, and the data I gathered over the last weeks, I decided to have a look on it.

Read more…

MSSQL attacks examined · 2010-09-12 00:00 · Markus · 2 Comments · Tags:

Attacks on MSSQL

Even though I'm not the only reporting attacks on MSSQL, I've had no shiny attacks addressing the brand new mssql code for dionaea yet, I think due to protocol bugs. But I've had some nfq gathered bistreams which could be replayed to the mssql service.

The bistream replayed was collected on 2010-08-09 and was contributed by 182.236.160.29 to my port 1433/tcp. I choose this bistream for its size, which is 245625bytes, and the largest bistream I captured for mssql.

After resolving some issues, I was able to dump the commands send to the database into a text file.

Read more…

Attacks on MSSQL · 2010-08-27 15:13 · Markus · 2 Comments · Tags:

GSoC 2010

Within the umbrella of The Honeynet Project I've had two students working on dionaea as a GSoC2010 project this year. The projects were:

  • a basic SIP stack for dionaea
  • improvements on the current SMB stack

dionaea - SMB

For today, let's focus on the SMB stack improvements.

Read more…

GSoC 2010 · 2010-08-25 15:05 · Markus · 0 Comments · Tags:

nfq fun

As early adaptor I currently enjoy the nfq module for dionaea.

Read more…

nfq fun · 2010-08-06 22:40 · Markus · 0 Comments · Tags:

Related

Recent Posts

Tags

alix botnet bpf carniwwwhore ctypes dataviz dionaea ftp gnuplot libemu metasploit mssql nepenthes pcap python python3 smb sqlite ssl xmpp

Comments

start.txt · Last modified: 2010/10/13 12:09 by common
chimeric.de = chi`s home Creative Commons License Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0