The Honeynet Files
ثبت نشده
چکیده
exploits in a honeypot is an unusual event). For the latter, we want a better understanding of the areas of interest and hidden links between blackhat teams. One way to achieve these goals is to increase the verbosity of our honeypot logs and traces so that we learn every single action the intruder made. The most common tools for doing this are Sebek (http://project.honeynet.org/tools/ sebek/) for system events and Snort (www.snort.org) for network activity. Unfortunately, there is no easy way to correlate information from these sources, which complicates honeypot forensics. Although computer forensics focuses on analyzing a system once we suspect it has been compromised, we expect honeypots to be compromised. Thus, honeypot forensics focuses on understanding the blackhat’s techniques and tools, before and after its intrusion on the honeypot.
منابع مشابه
The Honeynet Files
information about the spammer’s true identity and help unmask it. In response to the threat that honeypots pose to spammers, the first commercial anti-honeypot technology has surfaced: Send-Safe’s Honeypot Hunter (www.send-safe. com) attempts to detect “safe” proxies for use with bulk-mailing tools. This honeypot-detection system’s appearance, in association with other emerging spam tools, sugg...
متن کاملDynamic Deploying Distributed Low-interaction Honeynet
Distributed virtual honeynet is an important security detection system to Worms, Botnet detection, Spam and Distributed Denial-Of-Service. The honeynet value significantly relies on the disguise capacity. The traditional deploying method is a static scheme that the configuration of honeynet is determined by security experts beforehand and unable to change after the deployment. The hackers or Bo...
متن کاملMonitoring hacker activity with a Honeynet
The Honeynet Project was founded by 30 US based security professionals with the intention of researching the techniques, tools, tactics and motives of hackers and the ‘blackhat’ community in general. A Honeynet Project is an all volunteer, non-profit organization committed to sharing and learning the motives, tools, and tactics of the hacking community. It is comprised of a number of informatio...
متن کاملA Honeynet within the German Research Network - Experiences and Results
A honeynet is a special prepared network which is not used in normal business. It is a kind of playground to watch and learn the tactics of crackers. The only purpose of a honeynet is to be probed, attacked or compromised. During the operation other systems may not be harmed by an attack originated within the honeynet. In this paper the design, realization and operation of a honeynet built with...
متن کاملKnow Your Enemy: Honeynets
Over the past several years the Honeynet Project has been dedicated to learning the tools, tactics, and motives of the blackhat community and sharing the lessons learned. The primary tool used to gather this information is the Honeynet. The purpose of this paper is to discuss what a Honeynet is, its value, how it works, and the risks/issues involved. It is hoped that the security community can ...
متن کاملHoneynet Operation within the German Research Network - A Case Study
A honeynet is a special prepared network which is not used in normal business. It is a kind of playground to watch and learn the tactics of crackers. The only purpose of a honeynet is to be probed, attacked or compromised. During the operation other systems may not be harmed by an attack originated within the honeynet. In this paper the design, realization and operation of a honeynet built with...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004