| Based on the active offense theory, honeypot is a newly arisen technology which is valued by the realm in computer network security increasingly. Honeypot primarily lures the attackers by using a seemly vulnerable but well arranged and observed environment to tolerance invasions so that we can study their behavior information, especially that of new unknown attacks. According to the enemy intelligence obtained, security organizations can better know dangers that their systems are facing currently, and know to prevent the dangers occurring.Different to the simple honeypot built on a single machine, honeynet as a more advanced honeypot technology can make more network attack information into the open. Honeynet made up of firewall, router, IDS, one or more honeypot machines, and can also be realized in the form of virtual software. Compared with the simple honeypot form, honeynet is more complex to be realized and managed. However, by using of its key technology -data control and data capture, it can not only tolerance invasion easily but also insure the security performance of the trap system itself.Firstly, basic knowledge about honeynet is elaborated in the paper, and some contents and productions on this field researched by domestic and foreign organizations are analyzed, too. Secondly, according to the characteristics of honeynet, a virtual honeynet are designed and implemented. Thirdly, important functions of the honeynet are tested. And the test result verifies that the honeynet have reached the intended targets. |
PDF Full Text Request