An Initial Investigation into the Performance of the Honeyd Virtual Honeypot System
Document Type
Conference Proceeding
Keywords
[RSTDPub], OS fingerprinting, honeyd, deception, honeypot, network scanning
Publisher
University of South Australia
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
1468
Abstract
There are various tools available on the Internet, which can help in determining the operating system of a host by examining details in the way the TCP/IP stack was implemented within that operating system. This method is called TCP/IP fingerprinting which has proven to be a reasonably reliable method of determining a victim hosts operating system. This paper will examine the efficiency and performance of a new network defence tool called honeyd which is a deceptive virtual honeypot system that uses deceptive OS fingerprinting.
Access Rights
metadata only record
Comments
Valli, C. , & Gupta, N. (2003). An Initial Investigation into the Performance of the Honeyd Virtual Honeypot System. Proceedings of the 4th Australian Information Warfare and Security Conference. (pp. 363-369). Adelaide, Australia. University of South Australia.