Honeypot Technology: Presented by A.Sathwik Reddy 15BD1A05A2


What is a Honeypot?
⚫ Abstract definition: “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource”
⚫ Concrete definition: “A honeypot is a faked vulnerable system used for the purpose of being attacked, probed, exploited and compromised”

How does a Honeypot work?

⚫ Lure attackers.

⚫ Data control.

⚫ Data capture.
Categories of Honeypots
⚫ Production honeypots:
⚫ Production honeypots are placed inside the production network, alongside other production servers, by an organization to improve its overall state of security.
◦ Easy to deploy and maintain.
◦ Inexpensive.
◦ Capture limited information.
◦ Used primarily by companies or corporations.

Categories of Honeypots
⚫ Research honeypots:
⚫ Gather information about the motives and tactics of the black hat community targeting different networks.
⚫ They do not add direct value to a specific organization; instead, they are used to research the threats that organizations face and to learn how to better protect against those threats.
◦ Very complex to deploy and maintain.
◦ Expensive.
◦ Capture extensive information.

Characteristics of a Honeypot
⚫ Decoy system
⚫ Security vulnerabilities
⚫ Closely monitored
⚫ Deceptive
⚫ Well designed

Basic Honeypot design
Classifications
⚫ Low-interaction honeypot:
◦ Only parts of the applications and OS are emulated by software.
◦ No “real” interaction.
◦ Easy to deploy and maintain.
◦ Limited logging.
◦ Can be easily detected by skilled hackers.

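A minimal sketch of a low-interaction honeypot as described above, added here as an illustration and not part of the original slides: it emulates only a service greeting, limits what a peer can do (data control) and records each contact (data capture). The banner text, port 2121, the size and time limits and the log file name are assumptions chosen for the example.

```python
import json
import socket
import time

# Assumed values for this sketch (not from the slides).
FAKE_BANNER = b"220 ftp.example.internal FTP server ready\r\n"
MAX_BYTES = 1024   # data control: cap how much input is accepted
TIMEOUT_S = 5.0    # data control: cap how long a session can last


def handle_client(conn, addr):
    """Emulate one service greeting, capture the reply, return a log record."""
    conn.settimeout(TIMEOUT_S)
    received = b""
    try:
        conn.sendall(FAKE_BANNER)        # lure: looks like a real service
        received = conn.recv(MAX_BYTES)  # capture: first thing the peer sends
    except OSError:
        pass                             # silent or reset peers are still logged
    finally:
        conn.close()                     # no further interaction is offered
    return {
        "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
        "src_ip": addr[0],
        "src_port": addr[1],
        "bytes": len(received),
        # Non-ASCII bytes become \xNN escapes; json.dumps escapes control chars.
        "data": received.decode("ascii", "backslashreplace"),
    }


def serve(host="127.0.0.1", port=2121, log_path="honeypot.jsonl"):
    """Accept connections one at a time and append one JSON line per contact."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(5)
        while True:
            conn, addr = srv.accept()
            record = handle_client(conn, addr)
            with open(log_path, "a") as log:
                log.write(json.dumps(record) + "\n")


if __name__ == "__main__":
    serve()
```
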
Classifications
⚫ High-interaction honeypot:
◦ Full access to OS.
◦ Captures substantial amount of information (actions, tools, behavior, origin, identity, etc.).
◦ Extremely complex, time-consuming, expensive.
◦ Very high level of risk.

Low interaction vs. High interaction

                  Low-interaction    High-interaction
Installation      Easy               More difficult
Maintenance       Easy               Time consuming
Risk              Low                High
Need control      No                 Yes
Data gathering    Limited            Extensive
Interaction       Emulated           Full control

Examples of Honeypots
⚫ BackOfficer Friendly (low interaction)
⚫ KFSensor
⚫ Honeyd
⚫ Nepenthes
⚫ Honeynets (high interaction)

Advantages
⚫ Small data sets of high value.
⚫ Minimal resources.
⚫ Encryption or IPv6.
⚫ Information.
⚫ Simplicity.
⚫ Protection.
⚫ Attack prevention.
Disadvantages
⚫ Limited value.
⚫ High risk.
⚫ Labor/skill intensive.
⚫ Legal issues.

Deception Technology
⚫ Recently, a new market segment called deception technology has emerged using basic honeypot technology with the addition of advanced automation for scale. Deception technology addresses the automated deployment of honeypot resources over a large commercial enterprise or government institution.

Conclusion
⚫ Honeypots can be used for production purposes by preventing, detecting, or responding to attacks.
⚫ Honeypots can also be used for research, gathering information on threats so we can better understand and defend against them.

ANY QUERIES ??
