An Initial Investigation into the Performance of the Honeyd Virtual Honeypot System
University of South Australia
Computing, Health and Science
Computer and Information Science, Centre for Security Research
There are various tools available on the Internet, which can help in determining the operating system of a host by examining details in the way the TCP/IP stack was implemented within that operating system. This method is called TCP/IP fingerprinting which has proven to be a reasonably reliable method of determining a victim hosts operating system. This paper will examine the efficiency and performance of a new network defence tool called honeyd which is a deceptive virtual honeypot system that uses deceptive OS fingerprinting.