Document Type
Conference Proceeding
Publisher
We-B centre, School of Computer and Infomation Science, Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
1809
Abstract
The research looks at the efficiency of the honeyd honeypot system to reliably deceive intruders. Honeypots are being used as frontline network intelligence and forensic analysis tools. A honeypots ability to reliably deceive intruders is a key factor in gathering reliable and forensically sound data. Honeyd's primary deceptive mechanism is the use of the NMAP fingerprint database to provide bogus OS fingerprints to would be intruders. Tests conducted by the author on honeyd's ability to provide bogus fingerprints sees 78% of 704 signatures invalidated under heavy probing. However, the tests left 152 viable signatures for producing hardened honeypot designs.
Access Rights
free_to_read
Comments
This is an Author's Accepted Manuscript of: Valli, C. (2003). Honeyd - A OS Fingerprinting Artifice. Proceedings of 1st Australian Computer Network and Information Forensics Conference. Perth, Australia. We-B centre, School of Computer and Infomation Science, Edith Cowan University. Available here