Abstract: A classifier comprising deflector ring having an interior sidewall liner affixed to an interior sidewall of deflector ring and an exterior sidewall liner affixed to an exterior sidewall of deflector ring, outlet housing, a base region formed on a top surface of deflector ring, outlet housing sidewalls, each extending away from an edge of deflector ring, and a top region parallel to base region joined with each angled sidewalls, top region having an upper surface with one or more openings formed therein corresponding to one or more outlet channels, wherein outlet housing further comprises an interior sidewall liner affixed to each of opposing angled sidewalls, each interior sidewall liner extending from a corresponding edge of deflector ring to a respective portion of top region, and an upper wall liner extending along all of inner wall between one or more openings.

Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. In response to an attacker accessing the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert.

Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. In response to an attacker accessing the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert.