Title

An Examination of the Asus WL-HDD 2.5 as a Nepenthes Malware Collector

Document Type

Conference Proceeding

Publisher

Edith Cowan University

Faculty

Computing, Health and Science

School

School of Computer and Information Science, Centre for Security Research

RAS ID

5099

Comments

This article was originally published as: Szewczyk, P. S. (2007). An examination of the Asus WL-HDD 2.5 as a Nepenthes malware collector. Proceedings of Australian Digital Forensics Conference. (pp. 127-134). Perth, Western Australia. Edith Cowan University. Original article available here

Abstract

The Linksys WRT54g has been used as a host for network forensics tools for instance Snort for a long period of time. Whilst large corporations are already utilising network forensic tools, this paper demonstrates that it is quite feasible for a non-security specialist to track and capture malicious network traffic. This paper introduces the Asus Wireless Hard disk as a replacement for the popular Linksys WRT54g. Firstly, the Linksys router will be introduced detailing some of the research that was undertaken on the device over the years amongst the security community. It then briefly discusses malicious software and the impact this may have for a home user. The paper then outlines the trivial steps in setting up Nepenthes 0.1.7 (a malware collector) for the Asus WL-HDD 2.5 according to the Nepenthes and tests the feasibility of running the malware collector on the selected device. The paper then concludes on discussing the limitations of the device when attempting to execute Nepenthes.