In this paper we describe a serious flaw in a popular honeypot software suite that allows an attacker to easily identify the presence and scope of a deployed honeypot. We describe in detail both the flaw and how it can be used by an attacker. Our technique relies on a set of specially crafted packets which are able to elicit a response from a Honeyd-based honeypot. Simple experiments show that this method is extremely accurate and effective in detecting the presence and the scope of a Honeyd deployment. Moreover, due to the low level of effort and bandwidth required, it is possible to perform honeypot reconnaissance easily prior to launching a malicious attack on a network, even for large address spaces. We also discuss a simple fix for thi...
This text deals with computer network security using honeypot technology, as a tool of intentional t...
Malware in the form of computer viruses, worms, trojan horses, rootkits, and spyware acts as a major...
A honeypot is a closely monitored network decoy serving several purposes: it can distract adversarie...
Botnets have become one of the major attacks in the internet today due to their illicit profitable f...
Because “botnets ” can be used for illicit financial gain, they have become quite popular in recent ...
Because botnets can be used for illicit financial gain, they have become quite popular in recent I...
Honeypots are computers specifically deployed to be a resource that is expected to be attacked or co...
To delude attackers and improve security within large computer networks, security researchers and en...
Open-source honeypots are a vital component in the protection of networks and the observation of tre...
In the real-world network system, an enormous number of applications and services available for data...
The current generation of low- and medium interaction honeypots uses off-the-shelf libraries to prov...
The honeypot has been proved effective in understanding intruders ’ tactics and tools which exploit ...
The Denial-of-Service (DoS) attack remains a challenging problem in the current Internet. In a DoS d...
Abstract — This paper presents a summary of university research performed on honeypot techniques and...
Abstract—Over the past several years, honeynets have proven invaluable for understanding the charact...
This text deals with computer network security using honeypot technology, as a tool of intentional t...
Malware in the form of computer viruses, worms, trojan horses, rootkits, and spyware acts as a major...
A honeypot is a closely monitored network decoy serving several purposes: it can distract adversarie...
Botnets have become one of the major attacks in the internet today due to their illicit profitable f...
Because “botnets ” can be used for illicit financial gain, they have become quite popular in recent ...
Because botnets can be used for illicit financial gain, they have become quite popular in recent I...
Honeypots are computers specifically deployed to be a resource that is expected to be attacked or co...
To delude attackers and improve security within large computer networks, security researchers and en...
Open-source honeypots are a vital component in the protection of networks and the observation of tre...
In the real-world network system, an enormous number of applications and services available for data...
The current generation of low- and medium interaction honeypots uses off-the-shelf libraries to prov...
The honeypot has been proved effective in understanding intruders ’ tactics and tools which exploit ...
The Denial-of-Service (DoS) attack remains a challenging problem in the current Internet. In a DoS d...
Abstract — This paper presents a summary of university research performed on honeypot techniques and...
Abstract—Over the past several years, honeynets have proven invaluable for understanding the charact...
This text deals with computer network security using honeypot technology, as a tool of intentional t...
Malware in the form of computer viruses, worms, trojan horses, rootkits, and spyware acts as a major...
A honeypot is a closely monitored network decoy serving several purposes: it can distract adversarie...