Bots and BotNets presented at AUScert 2009

by Richard Perlotto, David Watson,

Summary : Live Botnet Exercise and Honeywall Monitoring:
This class will be a two-in one offering. A class up to 40 will be split into two groups. Each group will attend one part of the class, and then after lunch switch into the other section. This way the entire class will have an opportunity to experience malicious behavior and activity in one section, and then the monitoring and capture of that activity in the other section.
The Live Botnet Exercise Section:
This is a live malware demonstration and malicious activity class. We are NOT here to learn about reversing, protection, defense, nor detection. For that seek another class.
We are here to have fun and play in the role of the bad guy, the herder, the script kiddie, and the see how much fun and easy it is to participate on the other side of the field.
The Honeywall Monitoring:
Setting up and management of Honeywall. Seeing the results of malicious behavior and different tools to track and extract out data about the behavior and actions. This the about the detection in the role of trying to find out what the criminal element is doing and why.