GDE
  Demetrios has basic stuff in place
  blog site for code hosted at googlecode (get link)
  waiting for stable drop after many changes from Demetrios
  after that we'll contact members to discuss plans
  Todd and Patty working on query equivalence
  digital sky survey site as example
    explorer for their system is much like ours (browser, builder, miniatureDB)
    everything the same as what we are doing
    not exporting their system for others to use
    not Generic Explorer

Honeynet
  honeypot (low interaction one) at Jim's house
    remote control
    log files - stored locally right now
      low risk of corruption
    need to promote it
      way to tell which way of advertising is most effective
      can take months for spiders to crawl your site
      Alex says only about a week with Google
      Places to advertise
        put links on other people's pages
        invisible links
    collects malware if someone tries wget to fetch malware
  setting up network/honeywall and honeypot here at Clarkson
    going but more slowly
    OS install, VMware install, configuration, tools to automatically monitor and react to outgoing traffic
    group training - snort, iptables, tripwire, sebek (honeynet project)
    bridging is working
    OIT is mostly happy with proposal but wants details on thresholds for containment
    register IP address with IP and get them to set up their own limits

Lab Maintenance

Server Maintenance
  ip address to host mapping is broken
    maybe related to network registration?
  printing in Windows funny (fixed but not ghosted)
  Active Directory broken (probably not this semester)
    there is a web based one myfiles.clarkson.edu
  network registration?
  NCC Systems is coming Friday at 1 to look at our need for wiring, will give us a quote

Cluster project
  Cyrus would like to do cluster management software and release as a project
  no good existing choices (?) - survey existing and get clear of pros and cons
  excellent opportunity to contribute to the world :-)
  Again held up by DNS problems
  Jim Owens will look into DNS problem (maybe talk to Zack Colgan or maybe Josh Fiske)

Xen projects
  ONR
  some feedback on VMware forums
  Zach fielding questions
  Still hasn't gotten prize
  team up and going?
    Not yet
    coming soon

Linksys project
  Jon Peck trying this
  wireless router is here

Open house this weekend Oct 7

October 21 grand opening
  1-3 PM official opening ceremony in the labs
  3-5 LAN game wars
    alums vs students vs faculty
  6-9 PM Adirondack Lodge
    informal lodge

Surfernet/Hockey
  support for "secure" subscription to streaming hockey games
  Benedict Oleforo interested

==========================================================================

Pat Wilbur talking about port knocking
  ports are closed
  daemon secretly monitors ports even though closed
  have application connect to ports in a certain sequence like a combination
  obscure what is running to ssh, won't show up to nmap
  daemon can turn on ssh if you ping the proper ports in the proper order
  can browse source at www.clarkson.edu/projects/cosi/sp2006/students/wilburpf/portknock
  source is pretty simple, look at door daemon
  use libpcap like Ethereal does
    can specify filters easily
  demo of port knocking
    iptables -L
      show can't accept traffic
    run ./doord
    send message - port you want opened, username
    run client
      ./knock server port username
      ./knock localhost 80
    on server see output from doord showing PORT:80 added
    do another iptables -L
    could just open the port for just that ip address
  worry that order of the knock would be preserved
    determine what order they should have occurred in
    break port space into pieces
      ports 1-256 = correspond to first message of character
      ports 257-512 = correspond to second message of the character
  knock again and it closes it
  doorman.sclab.clarkson.edu
  showed source code
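
The port-space split from the talk (ports 1-256, ports 257-512, ...) sketched as an added example; this is not code from doord or knock. It assumes one 256-port block per character position of the message and a hypothetical "port:username" message layout, and it shows how the daemon side can rebuild the request even when knocks arrive out of order.

```python
BLOCK = 256                # ports per character position: 1-256, 257-512, ...
MAX_LEN = 65535 // BLOCK   # 255 whole blocks fit below port 65536


def encode_knocks(message: bytes) -> list[int]:
    """Byte i of the message becomes one port inside block i."""
    if not 0 < len(message) <= MAX_LEN:
        raise ValueError(f"message must be 1..{MAX_LEN} bytes")
    return [i * BLOCK + byte + 1 for i, byte in enumerate(message)]


def decode_knocks(ports) -> bytes:
    """Rebuild the message from knocks seen in any arrival order."""
    slots = {}
    for port in ports:
        if not 1 <= port <= MAX_LEN * BLOCK:
            raise ValueError(f"port {port} is outside the knock space")
        position, byte = divmod(port - 1, BLOCK)
        # An identical repeat is harmless; a different byte for the same
        # position means corruption or two interleaved knock sequences.
        if slots.setdefault(position, byte) != byte:
            raise ValueError(f"conflicting knocks for position {position}")
    if not slots or sorted(slots) != list(range(len(slots))):
        # A lost knock in the middle leaves a hole. A lost *final* knock
        # cannot be detected without also sending the message length.
        raise ValueError("missing knock in sequence")
    return bytes(slots[i] for i in range(len(slots)))


def parse_request(message: bytes) -> tuple[int, str]:
    """Split the assumed 'port:username' request and validate the port."""
    port_text, sep, user = message.decode("ascii").partition(":")
    if not sep or not port_text.isdigit() or not user:
        raise ValueError("malformed request")
    port = int(port_text)
    if not 1 <= port <= 65535:
        raise ValueError("requested port out of range")
    return port, user


if __name__ == "__main__":
    import random
    knocks = encode_knocks(b"80:alice")   # constructed sample request
    random.shuffle(knocks)                # simulate out-of-order arrival
    print(knocks, "->", parse_request(decode_knocks(knocks)))
```

Because each port carries its own position, the decoder never depends on arrival order; it rejects sequences with a hole or with two different bytes claimed for the same position.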