Title :
Experiences with a Generation III virtual Honeynet
Author :
Abbasi, Fahim H. ; Harris, R.J.
Author_Institution :
Sch. of Eng. & Adv. Technol. (SEAT), Massey Univ., Palmerston North, New Zealand
Abstract :
This paper proposes a methodology for establishing a virtual Honeynet on a VMware Server running Honeywall CDROM Roo. The implementation is specific to a Linux based host having a single physical network interface card. Security of virtual Honeynets is always a concern, special techniques are discussed in the paper to ensure their security and to mitigate associated risks posed to the host and virtual machines. An effort has been made to ensure that all the software (both the OS and associated tools) used for the project are either free or Open Source. Special techniques were implemented in order to enhance the data capture mechanisms on the Linux-based Honeypot to efficiently generate reports. Risk evaluation and suggestions for improvements to the methodology are proposed.
Keywords :
Linux; computer network security; information systems; network interfaces; public domain software; risk analysis; virtual machines; Honeywall CDROM Roo; Linux; VMware Server; data capture; network interface card; open source; risk evaluation; virtual Honeynet; virtual machine; Costs; Data security; Hardware; Information security; Linux; Network interfaces; Network servers; Open source software; Software tools; Virtual machining;
Conference_Titel :
Telecommunication Networks and Applications Conference (ATNAC), 2009 Australasian
Conference_Location :
Canberra, ACT
Print_ISBN :
978-1-4244-7323-6
Electronic_ISBN :
978-1-4244-7322-9
DOI :
10.1109/ATNAC.2009.5464785
