English

NoSEBrEaK - Attacking Honeynets

Cryptography and Security 2016-11-15 v1 Computers and Society

Abstract

It is usually assumed that Honeynets are hard to detect and that attempts to detect or disable them can be unconditionally monitored. We scrutinize this assumption and demonstrate a method how a host in a honeynet can be completely controlled by an attacker without any substantial logging taking place.

Cite

@article{arxiv.cs/0406052,
  title  = {NoSEBrEaK - Attacking Honeynets},
  author = {Maximillian Dornseif and Thorsten Holz and Christian N. Klein},
  journal= {arXiv preprint arXiv:cs/0406052},
  year   = {2016}
}