Professional Documents
Culture Documents
A WORD ON SECURITY
Brief Background
Who is a Hacker?
A Hacker is a person who tries to gain unauthorized access to a network.
Definition of Honeypots
A honeypot is a security resource whose value is in being probed, attacked or compromised
HONEYPOT ?
HoneyPots are not a single tool but a highly flexible technology. HoneyPots come in variety of shapes and sizes.
everything from a simple windows system emulating a few services to an entire network of production systems waiting to be hacked !!!
QUESTIONS ON HPs ?
What are the different values this unique technology can have? What are the different HoneyPot technologies available today? What the advantages and disadvantages of using HoneyPots? Are there any deployment and maintenance issues associated with HoneyPots? Are all HoneyPots offensive in nature?
IS THIS A HONEYPOT ?
On a network, install a firewall which restricts all outbound traffic. Attackers can get into the network but not use this network to spread out the infection.
CONCERNS
(THE WHAT-IF FACTOR) What if the attacker is lured into a HoneyPot? He/She will be infuriated by the deception and retaliate against the organisation. What if the HoneyPot is misconfigured?
Resources
HoneyPots typically donot have problems of resource exhaustion.
Simplicity
No fancy algorithms to develop. No signature databases to maintain. No rule-bases to misconfigure !
DISADVANTAGES OF HONEYPOTS
Fingerprinting
An incorrectly implemented HoneyPot can identify itself and others of the same kind.
LEVEL OF
WORK TO INSTALL
WORK TO DEPLOY
INFORMATION
LEVEL OF
INTERACTION
AND CONFIGURE
AND MAINTAIN
GATHERING
RISK
Low
Easy
Easy
Limited
Low
Medium
Involved
Involved
Variable
Medium
High
Difficult
Difficult
Extensive
High
Conclusion
Honeypots are good resources for tracing hackers. The value of Honeypots is in being Hacked. Honeypots have their own pros and cons and this technology is still developing.
REFERENCES