| 利用IP分片技术探测Honeyd虚拟蜜罐 |
| |
| 引用本文: | 翟继强,乔佩利. 利用IP分片技术探测Honeyd虚拟蜜罐[J]. 计算机应用与软件, 2009, 26(4) |
| |
| 作者姓名: | 翟继强 乔佩利 |
| |
| 作者单位: | 哈尔滨理工大学计算机科学与技术学院,黑龙江,哈尔滨,150080;哈尔滨理工大学计算机科学与技术学院,黑龙江,哈尔滨,150080 |
| |
| 基金项目: | 国家科学与技术部社会公益研究专项基金 |
| |
| 摘 要: | 分析了作为主动安全技术而广泛使用的虚拟蜜罐框架Honeyd的IP分片重组技术的漏洞,并编写了一个概念性探测软件来验证这个安全漏洞.测试表明利用该漏洞可以有效地侦测出基于Honeyd的虚拟蜜罐的存在和布置范围,进而提出了相应的弥补漏洞的办法.
|
| 关 键 词: | 蜜罐 Honeyd 漏洞 IP分片 |
HONEYD-BASED HONEYPOT DETECTION WITH IP PACKET FRAGMENT |
| |
| Zhai Jiqiang,Qiao Peili. HONEYD-BASED HONEYPOT DETECTION WITH IP PACKET FRAGMENT[J]. Computer Applications and Software, 2009, 26(4) |
| |
| Authors: | Zhai Jiqiang Qiao Peili |
| |
| Affiliation: | College of Computer Science and Technology;Harbin University of Science and Technology;Harbin 150080;Heilongjiang;China |
| |
| Abstract: | In this paper we analyze a serious vulnerability in IP fragment and reassembly procedure in Honeyd that is a virtual honey pot framework most commonly used as the new active network security technology.Then a proof-of-concept tool is developed to test this vulnerability.Verification experiments show that this tool is extremely accurate and effective in detection of the presence of Honeyd and its deployment scope through the vulnerability,and a simple fixing approach for this flaw is further discussed. |
| |
| Keywords: | Honeyd |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
