I remember when the hoopla was about radio scanners eavesdropping on analog cordless phones. Every new technology seems to introduce a new way to violate our privacy. This little gem seems to allow capturing or recording audio while a Bluetooth device is not actually in a call. This would mean that you can eavesdrop from room-to-room or with a laptop, from car-to-car at a stoplight even when someone is not using their Bluetooth headset.
Here is a link to a useful collection of Bluetooth hacking tools.
I’m still wrestling with the best way to represent the data from my Honeypot experiment. The plan is to create a color-coded map to represent the data in different ways. I’m looking at software like GMT (Generic Mapping Tools) and Quantum GIS which uses the formidable GRASS open-source GIS system. I’ve even started dumping data into Google Base (more on this in an upcoming article) just to explore that as an option since it is heavily tied into Google Maps. Regardless, I have not settled on a presentation format for the data. Once I do, I’ll start updating it regularly. “The Experiment” is so interesting to me that I’ve decided to continue the honeypot and perhaps even launch more honeypots.
Until I’ve settled on a presentation format, I’m simply going to post some of the statistics here.
I’ve now been running my honeypot for some period of time, and while I’m not sure what conclusions you can draw from the results, I can certainly say they are interesting. Over the course of the next week, I’m going to be posting the results of the analysis of the log files and hacker tracking system that I installed for the purpose of this experiment. I’ll include summaries of the types of attacks (see chart below), countries of origin, persistence (how many attempts were made by a single hacker), and hacker CQ (cleverness quotient). The CQ is a measure of both the methods and types of attacks by a single hacker, including analysis of probes, whether they attempted to cover their tracks using a proxy and whether they actually did cover their tracks by using an anonymous proxy.
A couple of months ago, I started an experiment with honeypots. The goal was not to trap or track hackers but to gather statistics for newbies. The first step involved setting up the site and getting it listed in the search engines. That turned out to be no easy task since the best search engines actually require you to have real content on your site before you get listed in any significant way. After accomplishing this, my honeypot is now gathering statistics that are starting to be interesting. I’m still gathering these and determining a useful and interesting way of reporting them, but here is an initial dump of the keywords used to find the various honeypots I’ve set up. More to come…