Honeypots
Nowadays networks which are connected to the Internet are under permanent attack by intruders and automated attacks of worms. A variety of detection tools exist such as Intrusion Detection Systems (IDS) and firewalls, but the main problem is that they only react on preconfigured and known attacks.
Although there exist a number of security tools that are available today, none of these tools can easily address all of the security goals of an organization. As computer attacks evolve, new responses are essential. Thus organisations look for more advanced tools which are effective in detecting security attacks and recovering from them.
In order to monitor the activities of hackers, the methodology adopted is to deceive, by giving them some emulated set of services on a system which appears to be legitimate. The hackers’ activities are then logged and monitored to gain insight into their employed tactics. This idea is adopted in Honeypots, a system whose value lies in being probed, attacked and compromised.
1.1 What are honeypots Honeypots are an upcoming technology that can be used to detect and analyze network attacks. A honeypot is an apparently vulnerable system deployed to be hacked. Some tests have shown that honeypots are exposed to lots of known attacks and noise that hide the valuable information about new attacks and vulnerabilities. Nowadays, they are also being extensively used by the research community to study issues in network security. Using honeypots provides a cost-effective solution to increase the security posture of an organization. Through our paper we found that the use of honeypots is an effective educational tool to study issues in network security. Honeypots. don't catch only the lame hackers. Sometimes they catch the new tools and are able to reduce their effectiveness by letting security practitioners quickly react before they become widespread. They don't catch just the attackers outside our firewall but the
Although there exist a number of security tools that are available today, none of these tools can easily address all of the security goals of an organization. As computer attacks evolve, new responses are essential. Thus organisations look for more advanced tools which are effective in detecting security attacks and recovering from them.
In order to monitor the activities of hackers, the methodology adopted is to deceive, by giving them some emulated set of services on a system which appears to be legitimate. The hackers’ activities are then logged and monitored to gain insight into their employed tactics. This idea is adopted in Honeypots, a system whose value lies in being probed, attacked and compromised.
1.1 What are honeypots Honeypots are an upcoming technology that can be used to detect and analyze network attacks. A honeypot is an apparently vulnerable system deployed to be hacked. Some tests have shown that honeypots are exposed to lots of known attacks and noise that hide the valuable information about new attacks and vulnerabilities. Nowadays, they are also being extensively used by the research community to study issues in network security. Using honeypots provides a cost-effective solution to increase the security posture of an organization. Through our paper we found that the use of honeypots is an effective educational tool to study issues in network security. Honeypots. don't catch only the lame hackers. Sometimes they catch the new tools and are able to reduce their effectiveness by letting security practitioners quickly react before they become widespread. They don't catch just the attackers outside our firewall but the