STANDARDS
The following standards apply to data capture and data collection. All documentation will be done in either .txt or .html format.
NOTE: The Standards section is considered incomplete and under development. The Honeynet Project has not yet determined what best practices are for data capture/collection. What we have below is the current, minimum standard.
Data Capture Standards
The following are standards for data capture. This is what data and in what format should be captured at each Honeynet. This is a minimum. It is expected that more forms of data then discussed below can and will be captured.
All network activity must be captured in tcpdump binary format (OpenBSD libpcap standards) and rotated/compressed (zip/gzip) on a daily basis. ...
Get Honeypots: Tracking Hackers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
