具有指纹库扩展功能的蜜罐系统开发研究

Development of the Honeypot System with Fingerprint Database Scalability

蜜罐是一种通过伪装成真实系统或服务来诱骗攻击者的网络安全技术。蜜罐有着许多其他网络安全技术无法比拟的优点,已经成为当前网络安全领域里研究的热点。首先介绍蜜罐的概念以及开源蜜罐软件Honeyd的基本特点和基本要素,然后介绍基于Honeyd所开发的蜜罐诱捕系统,最后指出该蜜罐系统指纹库无法更新的缺陷,并提出重要的改进方案。

Honeypot is a network security technology, which seduces the attackers by pretending to be the real system or service. Honeypot has many unparalleled advantages by other network security technology, and has become the hotpoint in the network security area. This paper first introduces the concept of the honeyport and the core of the system： Honeyd, then describes the honeypot system based on Honeyd, and finally the paper points out a bug in this system, that is, its fingerprint database could not be updated, and provides an important modified solution.