Document Type

Conference Proceeding

Publisher

University of South Australia

Faculty

Computing, Health and Science

School

Computer and Information Science, Centre for Security Research

RAS ID

1468

Comments

This article was originally published as: Valli, C. , & Gupta, N. (2003). An Initial Investigation into the Performance of the Honeyd Virtual Honeypot System. Proceedings of the 4th Australian Information Warfare and Security Conference. (pp. 363-369). Adelaide, Australia. University of South Australia.

Abstract

There are various tools available on the Internet, which can help in determining the operating system of a host by examining details in the way the TCP/IP stack was implemented within that operating system. This method is called TCP/IP fingerprinting which has proven to be a reasonably reliable method of determining a victim hosts operating system. This paper will examine the efficiency and performance of a new network defence tool called honeyd which is a deceptive virtual honeypot system that uses deceptive OS fingerprinting.

 
COinS