Preview

Honeypots

Good Essays
Open Document
Open Document
7197 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Honeypots
Introduction

The Internet is growing fast and doubling its number of websites every 53 days and the number of people using the internet is also growing. Hence, global communication is getting more important every day. At the same time, computer crimes are also increasing. Countermeasures are developed to detect or prevent attacks - most of these measures are based on known facts, known attack patterns. Countermeasures such as firewalls and network intrusion detection systems are based on prevention, detection and reaction mechanism; but is there enough information about the enemy?

As in the military, it is important to know, who the enemy is, what kind of strategy he uses, what tools he utilizes and what he is aiming for. Gathering this kind of information is not easy but important. By knowing attack strategies, countermeasure scan be improved and vulnerabilities can be fixed. To gather as much information as possible is one main goal of a honeypot. Generally, such information gathering should be done silently, without alarming an attacker. All the gathered information leads to an advantage on the defending side and can therefore be used on productive systems to prevent attacks.

A honeypot is primarily an instrument for information gathering and learning. Its primary purpose is not to be an ambush for the blackhat community to catch them in action and to press charges against them. The focus lies on a silent collection of as much information as possible about their attack patterns, used programs, purpose of attack and the blackhat community itself. All this information is used to learn more about the blackhat proceedings and motives, as well as their technical knowledge and abilities. This is just a primary purpose of a honeypot. There are a lot of other possibilities for a honeypot - divert hackers from productive systems or catch a hacker while conducting an attack are just two possible examples. They are not



References: “Know Your Enemy: Honeynets”. 18 Sep. 2002.

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Unit 454 Lab 4 Essay

    • 457 Words
    • 2 Pages

    Honey pot is a closely monitored decoy system. It traces the network attacks. It can distract from more valuable targets and gather forensic evidence from the attackers and their techniques.…

    • 457 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    An essential part of network security is knowing what the characteristics of an attack are, so they can be countered or prevented. When the university suffered an overwhelming internal DDoS attack, it required administrators to reevaluate its security guidelines based on what was known about the attack.…

    • 1279 Words
    • 6 Pages
    Better Essays
  • Satisfactory Essays

    NT260 unit 1 assignment 1

    • 624 Words
    • 3 Pages

    Botnet - Attackers use botnets to automatically run and distribute malicious software on “agent” servers. They are commonly used in DDoS attacks and spam campaigns.…

    • 624 Words
    • 3 Pages
    Satisfactory Essays
  • Better Essays

    Hardware can be used to protect the network from outside threats. Intrusion detection systems (IDS) automate detection of threats and attack through traffic analysis. Cisco’s IDS “delivers a comprehensive, pervasive security solution for combating unauthorized intrusions, malicious Internet worms, along with bandwidth and e-Business application attacks” (Cisco Systems, 2007, Cisco Intrusion Detection). They take this one-step further with an intrusion prevention systems (IPS). IPS shifts the focus on the attacker, not the attack itself, by increasing the accuracy of threat prevention through global threat analysis (Cisco Systems, 2012, Intrusion Prevention System with Global Correlation). The Cisco Adaptive Security Appliances (ASA) “combines the industry 's most deployed stateful inspection firewall with…

    • 890 Words
    • 4 Pages
    Better Essays
  • Better Essays

    Lab2 Snort

    • 1322 Words
    • 4 Pages

    References: CSEC 630 Lab2 -Intrusion Detection System and Protocol Analysis Lab (n.d.). University of Maryland University College. Retrieved from: https://learn.umuc.edu/d2l/common/viewFile.d2lfile/Database/NzkyMzkw/CSEC630_lab2_LEO.pdf?ou=33745…

    • 1322 Words
    • 4 Pages
    Better Essays
  • Satisfactory Essays

    Nt1330 Unit 3.1 Essay

    • 488 Words
    • 2 Pages

    A honeypot is effectively a trap for potential attackers. Generally it’s a computer isolated from your network that is setup to look like it is part of the network and is designed to appear as though it contains important information. Desirably this’ll draw the attention of attackers. By having a honeypot you can monitor it so you can detect attackers faster and don’t require performance taxing protocols running on all of your systems in your network. Hopefully those wishing to snoop your network will be focused towards your honeypot and then you can monitor the attacker and reduce potential impact from them (Wikipedia - Honeypot, 2015).…

    • 488 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Lab 2

    • 430 Words
    • 2 Pages

    2. What is a honeypot? How is it different from a honeynet? A honeypot is a decoy system that will lure potential hackers away from the networks critical systems. A honeynet is where the system subnet is constantly changing and it lures attackers away by redirecting the the subsystems that are rich in information.…

    • 430 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Nt1310 Unit 3 Essay

    • 1872 Words
    • 8 Pages

    There are cybercriminals who commit crimes using the computers and networks. They spread malicious viruses through the networks such as worms and Trojan horses. They hack other people's computers to steal important data and identity or destroy data. A hacker uses a packet sniffer to intercept the unencrypted network traffic and capture the passwords or other important information which was communicated through the network. Botnet or a Zombie computer is a computer which a hacker uses to spread viruses and to commit cybercrimes while the owner of the computer is unaware of it.…

    • 1872 Words
    • 8 Pages
    Better Essays
  • Good Essays

    Castleton Honeypot Site

    • 1059 Words
    • 5 Pages

    * Because there is an increase in employment there will therefore, be a reduction on the crime rates…

    • 1059 Words
    • 5 Pages
    Good Essays
  • Satisfactory Essays

    School

    • 629 Words
    • 3 Pages

    Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you planned an attack on 172.30.0.0/24 where the VM server farm resides, and used the Zenmap GUI to perform an “Intense Scan” on the targeted IP subnetwork.…

    • 629 Words
    • 3 Pages
    Satisfactory Essays
  • Better Essays

    Cmgt 400 Week 2

    • 1100 Words
    • 3 Pages

    The internet is approximately 40 years old and is continuing to grow at a rapid pace. This rapid growth and use of the internet for practically everything you can do in life has also cause a major increase in threats. Cyber-criminals are often breaking into security on many major websites and making the news. Information Security is turning into an important part in protect a business’s information.…

    • 1100 Words
    • 3 Pages
    Better Essays
  • Better Essays

    Dougherty, C., Householder, A., & Houle, K. (2002). Computer attack trends challenge Internet security. Computer, 35(4), 0005-7.…

    • 1278 Words
    • 5 Pages
    Better Essays
  • Good Essays

    Cmgt/441 Week 3

    • 768 Words
    • 4 Pages

    Posey, B. (2011, March 11). 10 best practices for windows security. Tech republic, Retrieved from http://www.techrepublic.com/blog/10things/10-best-practices-for-windows-security/2383…

    • 768 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Computer security is made up of digital forensic, network security, and preventing malware, and is a rapidly growing field that involves gathering and analyzing evidence from computers and networks. Because computers and the internet are the fastest growing technology used for criminal activity, the need for computer security managers will increase in years to come.…

    • 525 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you planned an attack on 172.30.0.0/24 where the VM server farm resides, and used the Zenmap GUI to perform an “Intense Scan” on the targeted IP subnetwork.…

    • 1091 Words
    • 5 Pages
    Good Essays

Related Topics