GSoC/GCI Archive
Google Summer of Code 2010 The Honeynet Project

Hale - A botnet command and control monitor

by Patrik Lantz for The Honeynet Project

Hale will support both the IRC and HTTP protocols, with the ability to easily add new modules that support other protocols. The monitor will have thread support and logging facilities. Collected logs will be accessible via a web interface, and all suspicious malware will be analyzed through a sandbox service. To avoid exposing the location of the monitor, the bots will be able to connect through proxies and hide their origin.