Analysis Of Honeypot Technology And Design Of Honeynet

With the development of computer technology and information technology, The network has already seeped through all aspects of social activities.The network brings convenience for peoole,also brings various threat for information safe. Varied virus, automatic scanning tools, Attack tool, influenced social production life Seriously。The traditional network safety defense technique includes safety scanning technique, Fire wall technique, identity verification technique, Digital certificate technique, Encrypt technique, Intrusion Detection technique and Saving backup technique etc.Honeypot technology is a new initiative base on the defense network security technology.The honeypot function is lured attackers, Then acquired the attack tool of attackers, attact purpose to obtain relevant information.its value lies inbeing scanned,attacked and compromised. At first, this paper introduces Familiar network attack technique, network security technique, then provides honeypot technique. This paper discussed honeypot technique, included the research present condition of honeypot, the classification of the honeypot etc,elaborated the work of honeypot. Study of the working methods of honeynet.Honeynet is not a products installation or a device on the internet.IT is a kind of framework. Honeynet of the working methods includes data control, data capture and data analysis. The purpose of a virtual honeynet designed is capture foreign attack and analysis the captured data. Through study analysis tools, attack and purpose of Hackers. Final realization of the product is the protection system and raise defences. The honeynet includes the three modules: trapping modules, control and management module.Trapping module main role is to record by hackers, will not be found on the basis of as much as possible the captured by hackers, we adopted the mechanism of data capture:the firework logs, the ids logs, the system logs.Control module main role is to prevent hackers on the honeynet as a springboard to go against the product, the honeynet to allow any of the connecting,but control from honeynet out of the scanning and connect to internet.Gateway isolations product network and virtual honeynet. EthO connects product network.Ethl connect honeynet.The honeynet uses two layers data controls:firewall and information defense systems.Management module is to protect the captured data, if the capture of the data stored in the honeypot is not safe, if the hackers discovered that the invasion of honeypot system will be a maliciously modified data, or erase all information, so must the capture of the data in a remote server to ensure the safety and convenience store the data between the modules.According to the characteristics of honeynet,a virtual honeynet designed and implemented is this paper's main job. This syetem key technologies are data control and data capture.Finally important functions of the honeypot are tested.