The Network Obfuscation and Virtualized Anti-Reconnaissance (Nova) system is an open-source software tool developed to detect network based reconnaissance efforts, to deny the attacker access to real network data while providing false information regarding the number and types of systems connected to the network.
In any intrusion, the attacker must first perform reconnaissance to learn all about a network by discovering information such as how many systems are online, what operating systems are installed on them, what services are running on those machines, and what ports may be open. Each piece of information gained is one step closer to a successful attack.
Nova prevents and detects this snooping by setting up a large net of realistic virtualized decoys. Trying to find the real machines then becomes like trying to find a needle in a haystack. Meanwhile, Nova identifies the attackers by their inevitable suspicious activity in communicating with decoys, and provides the network administrators a situation awareness view of their network.
Nova Software is Released
Join us on IRC, server OFTC channel #nova. Our Github page contains the latest code and documentation. The latest software release includes an improved central management system user interface, new support for assigning names to honeypots, a new underlying asynchronous messaging system, and a new software update system using the Debain repository.
Nova on Hacker Hotshots Web Show
Nova was featured on the Hacker Hotshots Web Pod Cast February 19, 2013. Listen to Pod Cast