Skip to main content
Article
Honeyd - A OS Fingerprinting Artifice
ECU Publications Pre. 2011
  • Craig Valli, Edith Cowan University
Publication Date
1-1-2003
Document Type
Conference Proceeding
Publisher
We-B centre, School of Computer and Infomation Science, Edith Cowan University
Faculty
Computing, Health and Science
School
Computer and Information Science, Centre for Security Research
RAS ID
1809
Comments

This article was originally published as: Valli, C. (2003). Honeyd - A OS Fingerprinting Artifice. Proceedings of 1st Australian Computer Network and Information Forensics Conference. Perth, Australia. We-B centre, School of Computer and Infomation Science, Edith Cowan University. Original article available here

Abstract

The research looks at the efficiency of the honeyd honeypot system to reliably deceive intruders. Honeypots are being used as frontline network intelligence and forensic analysis tools. A honeypots ability to reliably deceive intruders is a key factor in gathering reliable and forensically sound data. Honeyd's primary deceptive mechanism is the use of the NMAP fingerprint database to provide bogus OS fingerprints to would be intruders. Tests conducted by the author on honeyd's ability to provide bogus fingerprints sees 78% of 704 signatures invalidated under heavy probing. However, the tests left 152 viable signatures for producing hardened honeypot designs.

Disciplines
Access Rights

free_to_read

Citation Information
Craig Valli. "Honeyd - A OS Fingerprinting Artifice" (2003)
Available at: http://works.bepress.com/craig_valli/41/