[Honeywall] Introducing Nepenthes PHARM

Parvinder Bhasin parvinder.bhasin at gmail.com
Mon Dec 14 23:49:26 EST 2009


Hi List,

Just thought now is the right time to let the list know about the tool  
I developed that can be a good companion to your Nepenthes honeypots.
Lance was kind enough to announce this on the Honeynet site.  Now that  
it has been out for a little while, I wanted to announce it on the  
Honeywall distribution list too.

Here is brief intro for the tool:

Nepenthes PHARM is a perfect companion to your Nepenthes honeypot  
installations. PHARM is an Open Source client/server and web portal  
package, which provides central reporting and analysis of your  
distributed Nepenthes based honeypots. PHARM Clients are installed on  
along with your Nepenthes installs, PHARM clients listen for any  
changes in nepenthes log files (logged_submissions and nepenthes.log)  
and sends over the logged data and malware collected over to the  
server running the PHARM server. PHARM server munges all the data  
collected from PHARM Clients and provides analysis/report of your  
honeypots through the PHARM Web portal. On the analytical part, Pharm  
actually queries Virus total's publicly available data to report back  
the detail of the malware collected.

You can go to http://www.nepenthespharm.com to download and learn more  
about the tool.

Thanks
-Parvinder Bhasin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20091214/7524feb4/attachment.html


More information about the Honeywall mailing list