Embed Size (px)
Citation preview
Honeypots
By: Talha Riaz
History of Honeypots
• 1990/1991 The Cuckoo’s Egg and Evening with Berferd.
• 1997 - Deception Toolkit.
• 1998 - CyberCop Sting.
• 1998 - NetFacade (and Snort).
• 1998 - BackOfficer Friendly.
• 1999 - Formation of the Honeynet Project.
• 2001 - Worms captured.
Definition
A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. (This includes the hacker, cracker, and script kiddy.)
Honey Pot Systems are decoy servers or systems setup to gather information regarding an attacker or intruder into your system. It is important to remember that Honey Pots do not replace other traditional Internet security systems; they are an additional level or system.
Level of Interaction Low Interaction
Simulates some aspects of the system
Honeyd
Easy to deploy, minimal risk
Limited Information
High Interaction
Simulates all aspects of the OS: real systems
Can be compromised completely, higher risk
More Information
Honeynet
Level of Interaction
Physical vs. Virtual Honeypots
Physical Honeypots
are actual (physical)
computers that are
set up with additional
logging and security
mechanisms
o Virtual Honeypots are a software package that allows you to fake numerous computer distributions at various places over the network from one computer.
Physical, Virtual Honeypots And
Hybrid System
Classification of Honeypot
Location of Honeypots
In front of the firewall
Demilitarized Zone
Behind the firewall (Intranet)
Conclusion The implementation I created addressed the problems
with open source Honeypots.
Virtualization makes easy to deploy honeypots .
Honeyd needs some improvements to make this system as complete and functional as it could be.
Moving Honeypot technology to easy to deploy read-only mediums is the best implementation.
References
http://searchsecurity.techtarget.com/definition/
honey-pot
https://www.sans.org/security-
resources/idfaq/honeypot3.php
