[Honeywall] Introducing Nepenthes PHARM
parvinder.bhasin at gmail.com
Mon Dec 14 23:49:26 EST 2009
Just thought now is the right time to let the list know about the tool
I developed that can be a good companion to your Nepenthes honeypots.
Lance was kind enough to announce this on the Honeynet site. Now that
it has been out for a little while, I wanted to announce it on the
Honeywall distribution list too.
Here is brief intro for the tool:
Nepenthes PHARM is a perfect companion to your Nepenthes honeypot
installations. PHARM is an Open Source client/server and web portal
package, which provides central reporting and analysis of your
distributed Nepenthes based honeypots. PHARM Clients are installed on
along with your Nepenthes installs, PHARM clients listen for any
changes in nepenthes log files (logged_submissions and nepenthes.log)
and sends over the logged data and malware collected over to the
server running the PHARM server. PHARM server munges all the data
collected from PHARM Clients and provides analysis/report of your
honeypots through the PHARM Web portal. On the analytical part, Pharm
actually queries Virus total's publicly available data to report back
the detail of the malware collected.
You can go to http://www.nepenthespharm.com to download and learn more
about the tool.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Honeywall