An examination of the Asus WL-HDD 2.5 as a nepenthes malware collector
Document Type
Conference Proceeding
Publisher
Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
5099
Abstract
The Linksys WRT54g has been used as a host for network forensics tools for instance Snort for a long period of time. Whilst large corporations are already utilising network forensic tools, this paper demonstrates that it is quite feasible for a non-security specialist to track and capture malicious network traffic. This paper introduces the Asus Wireless Hard disk as a replacement for the popular Linksys WRT54g. Firstly, the Linksys router will be introduced detailing some of the research that was undertaken on the device over the years amongst the security community. It then briefly discusses malicious software and the impact this may have for a home user. The paper then outlines the trivial steps in setting up Nepenthes 0.1.7 (a malware collector) for the Asus WL-HDD 2.5 according to the Nepenthes and tests the feasibility of running the malware collector on the selected device. The paper then concludes on discussing the limitations of the device when attempting to execute Nepenthes.
Access Rights
free_to_read
Comments
Szewczyk, P. S. (2007). An examination of the Asus WL-HDD 2.5 as a Nepenthes malware collector. Proceedings of Australian Digital Forensics Conference. (pp. 127-134). Perth, Western Australia. Edith Cowan University. Available here