I build a package for the Dshiled Webhoneypot.
Description: DShield Web Honeypot Project
The overall idea of te Webhoneypot is to build something like DShield
(which collects firewall logs) for webapps.
The goal of the project is to collect quantitative data measuring the
activity of automated or semi-automated probes against web applications.
First of all, we will not just look for "attacks". We look for "probes".
If they are malicious or not can only be determined in context.
We will not look for 0-day style or targeted attacks. Maybe we will get
lucky and catch one. But in order to detect them, we would need sensors
in specific networks. What we are after is more the "background noise".
I already finished the package and tested it on my system.
Now I'm in need of a sponsor to also test it, check it and upload it.
I work as a Senior IT Security Consultant, living near Munich (Bavaria,
DE). I use Debian a lot and already built "internal" packages for