Experiences with a Generation III virtual Honeynet

Author

Abbasi, Fahim H. ; Harris, R.J.

Author_Institution

Sch. of Eng. & Adv. Technol. (SEAT), Massey Univ., Palmerston North, New Zealand

fYear

2009

fDate

10-12 Nov. 2009

Firstpage

1

Lastpage

6

Abstract

This paper proposes a methodology for establishing a virtual Honeynet on a VMware Server running Honeywall CDROM Roo. The implementation is specific to a Linux based host having a single physical network interface card. Security of virtual Honeynets is always a concern, special techniques are discussed in the paper to ensure their security and to mitigate associated risks posed to the host and virtual machines. An effort has been made to ensure that all the software (both the OS and associated tools) used for the project are either free or Open Source. Special techniques were implemented in order to enhance the data capture mechanisms on the Linux-based Honeypot to efficiently generate reports. Risk evaluation and suggestions for improvements to the methodology are proposed.

Keywords

Linux; computer network security; information systems; network interfaces; public domain software; risk analysis; virtual machines; Honeywall CDROM Roo; Linux; VMware Server; data capture; network interface card; open source; risk evaluation; virtual Honeynet; virtual machine; Costs; Data security; Hardware; Information security; Linux; Network interfaces; Network servers; Open source software; Software tools; Virtual machining;

fLanguage

English

Publisher

ieee

Conference_Titel

Telecommunication Networks and Applications Conference (ATNAC), 2009 Australasian

Conference_Location

Canberra, ACT

Print_ISBN

978-1-4244-7323-6

Electronic_ISBN

978-1-4244-7322-9

Type

conf

DOI

10.1109/ATNAC.2009.5464785

Filename

5464785