______________________________________________________________________________

HONEYNET/HONEYPOT PROJECT
______________________________________________________________________________

Meeting: 5/1/06 5:00pm, ITL
Attendees: Leslie, Todd, Patty, Creigh
Meeting Duration: Approx. 7 hours

______________________________________________________________________________

Accomplishments:
______________________________________________________________________________

1) Attacks
   -------

   Malware/Spyware - Alexa

   Virus - NetBus (from Dalia's thesis DVD 3)

   Port Scan + Network Attacks - Discovery/Identification Scan

2) Disconnected from the network and made static IP addresses.

3) Uninstalled the antivirus software on the attacker computer, since the file 
   wouldn't copy over with the antivirus installed.

4) Installed NetBus on both the attacker and the honeypot. We had to figure out 
   that the NetBus installer can install a client and server. We used the 
   honeypot as the server and the attacker as the client.

5) We then ran NetBus and made a connection between the server and client. But, 
   Snort didn't detect any problems.

6) We then restored back to our known-good honeypot VM and wiped the attacker's 
   hard disk.

7) Finished our project deliverables, including the webpage and presentation.