Defeating honeypots : network issues, part 1
The purpose of this paper is to explain how attackers typically behave when they attempt to identify and defeat honeypots. This is not an exhaustive description of all the tools and methods that are publicly known (or unknown), but this article will help security teams who would like to setup or harden their own lines of deception-based defense. After some theoretical considerations, we will discuss some technical examples to emphasize our explanations.
By Laurent Oudot and Thorsten Holz at SecurityFocus.
[ Read more ]