P.S.G.V.P.

MANDAL’S
D.N.PATEL COLLEGE OF ENGINEERING, SHAHADA
DIST: NANDURBAR (M.S.) 425409
2023-24
Department of Electronic & Telecommunication Engineering

SEMINAR
ON
“HONEYPOT”

Submitted by-
Om Pramodrao Shende

(2251641372044) SY E&TC

Prof. V.K.PATIL Under the guidance of Prof. N.J.PATIL

Head of department Prof. J.H. Patil Principal
 Content
 Introduction
 History
 Types of Honeypot
 Advantages
 Disadvantages
 Application
 Conclusion
 Future scope
 Refrences
Introduction

Honeypots are the intentionally made highly vulnerable machine to be attacked

to gain more information about the attackers and the used tools.

It is a trap set to detect and deflect the unauthorized use of information system.

They don't fix a single problem. Instead they have multiple uses, such as

 prevention
 detection
 information gathering
History of honeypot

The idea of honeypot began in 1991 with two publications, “The cuckoos Egg” and
“An Evening with Breford”. The cukoos Egg” by Clifford stoll was about his
experience catching a computer hacker that was in this corporation searching for
secrets.
Types of honeypot

 Two Types
# Low Interaction
# High Interaction
 Two categories
#Production
#Research
Low Interaction : High Interaction:

 Looks and act like an Operating System  Real Operating System with services

 Easy to install  Complex to install and deploy

 Minimal risk  Increased Risk

 Captures bit of information  Captures lots of information

 Example: specter, honeyd  example: honeynets

Working of honeyd – Low interaction Honeypot:

1. Honeyd monitors unused IP space

2. When an attacker probes an unused IP,
Honeyd detects the probe, takes over the
IP via ARP spoofing.
3. Honeyd creates a virtual honeypot for
the attacker to interact with.
4. The attacker is fooled into thinking he is
interacting with a successful hacked
system.
Working Of Honeynets – High interaction honeypot

 Internet coming from the router

 Then the router direct to the
Honeywall Gateway it sents the
unusual traffic to this gateway to
this honeypot
 But before sending it capture the IP
address name address and all the
information.
Advantages of honeypot

 One of the key advantages of establishing a honeypot is its simplicity.

 The second advantage of honeypot is the small data collection.
 The third advantage is cost.Some simpler versions can be downloaded for free.
Disadvantages of Honeypot

 The biggest disadvantage of honeypot is the narrow field of view.

 Honeypot can only see activities directed against.
 The third disadvantage of honeypot is risks
Application of honeypot

The purpose of a honeypot is to refine an organization’s intrusion

detection system (IDS)and threat response so it is in a better position
to manage and prevent attacks. There are two primary kinds of honeypot: production
and research.
Future scope

As cyber threats evolve, honeypots will

continue to play a crucial role in
cybersecurity. Advancements in
artificial intelligence, machine learning,
and automation will enhance honeypot
capabilities, enabling more
sophisticated deception techniques
and improved threat intelligence.
Conclusion

Honeypots are powerful tools in the cybersecurity arsenal. By providing valuable

insights, diverting attackers, and aiding in threat detection, they contribute to a
proactive defense strategy. Understanding the benefits, limitations, and best practices
of honeypots is essential for organizations to strengthen their security posture.
 References

1) https://www.madlab.it/papers/sac17_darknets.pdf
2) Doug Krause (1997).
"M*A*S*H FAQ: Episode Guide #172“
( documented by sudo)
Thank You