Honeyd is a small daemon that allows you to create virtual hosts on the network. You can configure the service and TCP of the VM to make it seem to be running an operating system on the network. Honeyd allows a host to model multiple addresses in the LAN to meet the requirements of the network lab environment. Virtual Hosts can be pinged or tracked. By setting the configuration file, the virtual computer can simulate any service. You can also use a service proxy to replace service simulation. It has many libraries, so it is difficult to compile and install Honeyd.
Download link: http://down.51cto.com/data/158561
> Go to the treasure chest of network security tools and check out other security tools.
1. Summary
This article mainly introduces the background of the generation of the virtual Honeypot, focuses on the introduction of the popular virtual honeypot software honeyd, and the installation, configuration, operation and test results of honeyd, and the software architecture of honeyd was introduced and analyzed.
2. Related Questions
2.1 honeypot) and honey network honeynet) Technology
Honeypot is a spoofing technique that deceives intruders to collect hacker attack methods and protect real host targets. Honeypot is different from most traditional security mechanisms. The value of its security resources is that it is detected, attacked, or threatened.
Honetpot can be any computer resource. It can be workstation, file server, mail server, printer, router, any network device, or even the whole network.
Honetpot is intentionally deployed in a dangerous environment so that it can be attacked. Compared with the purpose of deploying honeypot, honeypot has no legal product value, that is, it cannot be used for external normal services. If your web server is frequently accessed and you analyze the information on the server, it does not mean that you configure it as an honeypot, but simply a web server that lacks security protection measures.
Honeynet is a collection of honeypots. These honeypots are controlled by one person or an organization. multiple operating systems can run on one honeynet, there can be one or more different themes.
2.2 virtual honeypot)
A virtual honeypot can be quickly configured with several Honeypot. The virtual honeypot software can imitate IP stack, OS, and real system applications. Once you build your virtual Honeypot system, after it is attacked, you can easily reconstruct it. In general, imitation is fully implemented in the memory. The virtual honeypot software also allows you to configure a full private network on a single physical host. A virtual Honeypot system can be used to imitate thousands of systems, each system uses thousands of ports and different IP addresses.
Because the entire Honeynet can be deployed on one machine, the cost can be greatly reduced. As long as there is enough memory and virtual software support, we can install any number of operating systems on one machine.
Honeyd is an excellent virtual honeypot software.