| The core of internet security discipline in use are Intrusion-detection system and Firewall. While these approachs mostly refers to the passive defense when the network are attacked. And this kind of passive defense is based on the recognization and learning of the attack technologies. So compared with the quickly updating of existing new internet attack technologies, the internet security system employed currently are always behindhand.With the introduce of traditional attack technologies into security defense field. It settles the internet secrity problem in a new persective. Honeypot system can contain and transfer the attack activity of the hackers, record and analyze the attack approaches of the hackers, collect the attack evidence and even to trace the hackers. Therefore honeypot technologies manifest the active defense strategy.Honeypot is an secrity resource whose value lies in being scanned, attacked and compromised. The honeypot is different from other defense approches. It is not aimed to solve a certain concrete problems. Therefore how to use the honeypot is decided completely by the goal that you want to attain. The core technologies in honeypot system include disguise, information gather, risk control and data analysis.The honeypot network defense system designed in this thesis, is employed mainly to enhance defense capabilities and collect the data about network attacks. The goal of this honeypot defense system is to disguise verisimilitude, attract the hackers' attacks protects network safety, capture and record attack information in detail. This kind of defense can guarantees the information collected is secure and intact which can be used to control some actions of the hackers. The main function modules in this system includes the honeypot module, data control module and data capture module.Since the Linux system is convenient for us to obtain free software and to expand, we choose Linux as platform for our honeypot system. And our system adopts virtual operating system technique, which give us the feeling that several honeypots have been integrated in two honeypots host computer. Therefore, fraudulence of the system is strengthened and deployment cost is reduced. The defense system designed in this thesis combine honeypot technology, firewall technology, IDS technology, information gather technology. Our system adopts easy-in-difficult-out data control strategy and three level data capturing mechanism. So the risk of the system is reduced and integrity of data capture is ensured. |
PDF Full Text Request