摘要
以弱化系统方式配置高交互的蜜罐系统,在宿主机使用VMWare可虚拟出Windows2000Professional。该蜜罐配置包括安装虚拟操作系统、系统补丁和杀毒程序、日志服务器和相关记录、数据包捕获等步骤。入侵检测则是对捕获到的蠕虫病毒的攻击过程进行记录和分析,发现和掌握黑客攻击特征和网络病毒运行机制,为进一步采取防范措施提供参考。
The high-interactive honey pot system was configured by weakening system mode. The Windows 2000 Professional was created by using VMWare in host. The configuration of honey pot includes installing virtual operation system, system mends, anti-virus process, log server, relative records, data package capturing and so on. The invasion detection was used to record and analyze the captured attack process of worm virus. In this way, features of hack attack and running mechanisms of network virus could be discovered and known. The references could be provided for further defenses.
出处
《兵工自动化》
2006年第4期44-45,48,共3页
Ordnance Industry Automation
