Feburary 17th, 2003
Honeyd is a very flexible tool to create virtual honeypots. To
improve its usefulness, the honeypot community is asked to
participate in the following challenge:
Improve Honeyd by creating useful feature additions.
Feature additions and improvements are sought in the following areas:
This is just a list of potential improvements. You may have other and better ideas on how to improve Honeyd.
- Service Emulations: Submit services with optional
simulation of vulnerabilities that can be used with Honeyd: for
example, web servers, ftp servers, p2p services, etc.
- Source code features: Source code to improve the
features that Honeyd supports: for example, improved service
virtualization, improved topology generation, realistic internal
routing simulation, passive fingerprinting, ability of honeypots to
create network connections between each other, interactive
reconfiguration via management console, further improvements to evade
stack detection, etc.
- Graphical user interface: Create a graphical user interface to configure, manage and query Honeyd.
- Forensic Analysis: Create tools to analyze or visualize Honeyd log files.
Your improvements should be based on Honeyd 0.5. Since the announcement of the challenge some bugs have been patched.
Your submissions need to fulfill the following requirements:
- Submissions need to be received by March 14th, 2003.
- All submissions should be sent to email@example.com
with "Honeyd Challenge" in the subject.
- Your feature additions need to be well documented so that the judges
are able to evaluate your work.
- Your code needs to compile and run on a UNIX-like system. However,
this does not preclude code that also runs on other platforms. The
judges are using FreeBSD, GNU/Linux and NetBSD.
- Submit a gzip compressed tar archive as email attachment with the following
- README - explain the contents of the tar archive, include your name, postal and email addresses.
- Documentation - use ascii, postscript or pdf as data format.
- Patches - please use diff against the released version of honeyd.
- Other files and directories as suitable, please explain in README.
Source code features to be integrated into Honeyd need to be covered by a BSD-like license. Service emulations and graphical user interface may be either BSD-like or GPL. BSD license is preferred though.
Submissions will be judged by experienced volunteers. The winners
will be selected and announced on March 21th 2003.
The judges include but are not limited to:
We are going to use the following scoring guidelines to determine the
- Mike Clark
- Job de Haas
- Niels Provos
- Rain Forest Puppy
- Lance Spitzner
- 0 - 5 points for documentation. Did you include all necessary documentation? Is the documentation easy to read, follow and understand?
- 0 - 5 points for code style. Is your code organized and logical? You might want to look at the NetBSD share/misc/style for a guideline.
- 0 - 10 points for novelty of submission. Are you solving an interesting problem?
- 0 - 10 points for completeness of submission. Does your submission work correctly?
The ten best submissions are rewarded with Lance Spitzner's new book
"Honeypots: Tracking Hackers,"
signed by Lance Spitzner and Niels Provos.
Additional prizes include a free pass to
including a free hotel (up to four nights) for
the first place, a $200 gift certificate to amazon for the 2nd place,
and a $100 gift certificate to amazon for the 3rd place. Winners may
trade their prizes.
(NB: You may join teams and submit as a team. However, in that
case, prizes are awarded to the team and not to each person.)
However, the main goal of this challenge is to
have fun, contribute good work to the community and
allow you and others to learn about the usefulness of tools like Honeyd.
After the winners have been announced, the top 20 entries will be posted
on the Honeyd contributions page.
Good luck, and have fun!
Since the challenge has been announced, the following bugs have been patched:
Using the patches above is not required to make a submission. However,
applying them may help you to run Honeyd more reliably.
- 001-ipfrag.patch -
2003-02-18 - Fixes a crash in the fragment reassembly code.
Discovered by George Akimov.
- 002-proxy.patch -
2003-03-04 - Allows proxy connections again.
Discovered by Peter Balland.