Home

Job Opportunities

On this page... (hide)

Botnet Hunting and Tracking
Honeypots and Honeynets
Malware Analysis

The Shadowserver Foundation is always looking for good people to volunteer their time to assist in several key areas.

The most important qualification is trust and purely white hat intentions.

Our first priority is to gather data that can be used to help detect malicious networks study their tactics and process, and protect against them. Another major goal is to raise the general public awareness of botnets. So again, any person who works with Shadowserver must have these goals, and be of the highest integrity. We do go through a fairly thorough vetting process during any volunteer's candidate period. A brief listing and description of our current requirements are listed below. For more information on these requirements, please see the Shadowserver.Organizations section of the Shadowserver website. For further information on these or other potential areas of assistance, please contact us at jobs <at> shadowserver.org

Botnet Hunting and Tracking

This involves working through our ticketing system to document reported nets, establishing a monitoring session on those reported nets that we can access, studying logs for any interesting data and reporting it to the team. This person must be detail oriented and have a good knowledge of irc and botnet commands... or at least a strong interest to learn. They must be willing to deal with some tedious record-keeping along with the actual botnet analysis.

Honeypots and Honeynets

This group seeks to gather actual hostile code or information pointing to locations of such code. They can use a variety of means to accomplish this including honeypots, mail honeypots, proxy pots, etc. Also a fair amount of work is done in scrubbing Searchirc, Netsplit.de, Google API, etc. for malware. This person must have some experience in honeypot deployment and operation. They must understand the style and jargon of the various hostile locations. Good understanding of bot operation and various exploits would be ideal.

Malware Analysis

This group is responsible for the analysis of obtained hostile code via automated or manual methods. It also classifies and archives all such hostile code via the malware repository. Experience in reverse engineering malware is a strong plus but not required. Understanding of the various malware families and in the structure of a malware repository is also helpful.

<< Future Goals | Shadowserver | Press >>

Page last modified on November 12, 2007, at 07:33 PM

Bot Counts

Botnets

Calendar/Blog

Link List

Big View Attach:Site/PageHeader/softflow.gif Δ Home Edit History Recent Changes
HomePage Shadowserver Mission Standards and Guidelines Organizations Calendar Future Goals Job Opportunities Press Security Organizations News Articles Blogs and Forums Misc Presentations Chronological Operations Status Knowledge Base Botnets Botnet Detection Honeypots eFraud Malware Whitepapers Links Get Involved Get Reports on your Network Mailing List Submit a Botnet Build a Honeypot Hall of Fame Statistics ASN Bots Bot Counts Drone Maps Drone Historical Conficker Botnets Botnet Charts Botnet Maps Botnet Maps Historical DDoS DDoS Charts DDoS Maps DDoS Historical Geo Locations IRC Ports Malware Sandbox Charts Sandbox Graphs Packer Statistics Scans Scan Charts Scan Maps Scan Maps Historical URLs Viruses Virus Daily Stats Virus Weekly Stats Virus Monthly Stats Virus 60-Day Stats Virus 90-Day Stats Virus Six-Month Stats Virus Yearly Stats Contact Us Site Statistics edit SideBar	Job Opportunities On this page... (hide) Botnet Hunting and Tracking Honeypots and Honeynets Malware Analysis The Shadowserver Foundation is always looking for good people to volunteer their time to assist in several key areas. The most important qualification is trust and purely white hat intentions. Our first priority is to gather data that can be used to help detect malicious networks study their tactics and process, and protect against them. Another major goal is to raise the general public awareness of botnets. So again, any person who works with Shadowserver must have these goals, and be of the highest integrity. We do go through a fairly thorough vetting process during any volunteer's candidate period. A brief listing and description of our current requirements are listed below. For more information on these requirements, please see the Shadowserver.Organizations section of the Shadowserver website. For further information on these or other potential areas of assistance, please contact us at jobs <at> shadowserver.org Botnet Hunting and Tracking This involves working through our ticketing system to document reported nets, establishing a monitoring session on those reported nets that we can access, studying logs for any interesting data and reporting it to the team. This person must be detail oriented and have a good knowledge of irc and botnet commands... or at least a strong interest to learn. They must be willing to deal with some tedious record-keeping along with the actual botnet analysis. Honeypots and Honeynets This group seeks to gather actual hostile code or information pointing to locations of such code. They can use a variety of means to accomplish this including honeypots, mail honeypots, proxy pots, etc. Also a fair amount of work is done in scrubbing Searchirc, Netsplit.de, Google API, etc. for malware. This person must have some experience in honeypot deployment and operation. They must understand the style and jargon of the various hostile locations. Good understanding of bot operation and various exploits would be ideal. Malware Analysis This group is responsible for the analysis of obtained hostile code via automated or manual methods. It also classifies and archives all such hostile code via the malware repository. Experience in reverse engineering malware is a strong plus but not required. Understanding of the various malware families and in the structure of a malware repository is also helpful. << Future Goals \| Shadowserver \| Press >> Edit Page History Source Attach File Backlinks List Group Page last modified on November 12, 2007, at 07:33 PM	Bot Counts Botnets Calendar/Blog 01 … 29 · April 2009 May 2009 June 2009 04 \| 10 · July 2009 25 · August 2009 September 2009 October 2009 November 2009 14 \| 16 · December 2009 09 … 29 · January 2010 February 2010 March 2010 April 2010 May 2010 June 2010 Link List Arbor Networks ASERT AV Comparatives Emerging Threats Mwcollect Nepenthes Offensive Computing SANS ISC Securtyfix SecuriTeam Sunbelt/CWSandbox Support Intelligence TaoSecurity ThreatSTOP Websense Zeus Tracker