Neofelis, High-Interaction Honeypot Framework for Mac OS X
Authors
Abstract
A honeypot is a set of computational resources, designed to be swept, attacked and compromised. With a constant monitoring, detailedly record the attacker activities creating means to further understanding of the used approaches and tools. The value obtained from this computational resource is a measure calculated between the captured information and the future use of this data. Neofelis is a framework for high-interaction honeypots on Mac OS X operating system, that allows the system administrator to create a high-interaction honeypot feasible to several different scenarios.This paper discusses Neofelis design, implementation and pointing out how the framework helps in different areas of the information security, e.g. detecting zero-day exploits and capturing informations about the attacks