Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AUSFORENSICS
2003
2003
Honeyd - A OS Fingerprinting Artifice
This research looks at the efficiency of the honeyd honeypot system to reliably deceive intruders. Honeypots are being used as frontline network intelligence and forensic analysis tools. A honeypots ability to reliably deceive intruders is a key factor in gathering reliable and forensically sound data. Honeyd’s primary deceptive mechanism is the use of the NMAP fingerprint database to provide bogus OS fingerprints to would be intruders. Tests conducted by the author on honeyd's ability to provide bogus fingerprints sees 78% of 704 signatures invalidated under heavy probing. However, the tests have left 152 viable signatures for producing hardened honeypot designs. Keywords honeypot, deception, honeyd, NMAP, fingerprinting, forensics, network forensics
Real-time TrafficAUSFORENSICS 2003 | Bogus Os Fingerprints | Forensic Engineering | Honeyd Honeypot | Honeyd's Ability |
| Added | 31 Oct 2010 |
| Updated | 31 Oct 2010 |
| Type | Conference |
| Year | 2003 |
| Where | AUSFORENSICS |
| Authors | Craig Valli |
Comments (0)
Researcher Info
|
