Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: Re: Hardware Performance of Honeyd

Re: Hardware Performance of Honeyd

From: David Watson <david_at_honeynet.org.uk>
Date: Fri, 12 Jan 2007 18:08:34 +0000

Sol_Invictus wrote:
> Could any of you provide examples of similar types of implementations,
> hardware performance examples, or any advice on what to be aware of?
>
> Our goal is a nice Class B network with random "Configured" systems for more
> info for some good reporting.. My main question is, would this system
> handle a class A honeynet?
>
> Any advice is always welcome, and I look forward to any replies.

Sol,

The rate of TCP connections and number of hops in your honeyd virtual
network topology will probably be the main performance factors.

Presumably you have already seen http://www.honeyd.org/performance.php
and
http://www.usenix.org/events/sec04/tech/full_papers/provos/provos_html/index.html

I`m not data for modern hardware has been published, but you might find
some of the following papers useful:

http://www.cs.wisc.edu/~pb/isink_final.pdf
http://www.diadem-firewall.org/workshop06/papers/monam06-paper-36.pdf
http://www.cs.ucsd.edu/~savage/papers/Sosp05.pdf
http://www.cc.gatech.edu/fac/kalyan/security-sims.htm

Hope that helps!

Thanks,

David 

-- 
David Watson
UK Honeynet Project
www.ukhoneynet.org
david_at_honeynet.org.uk
Received on Jan 12 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos