White Paper: Honeypots
نویسنده
چکیده
4 Concepts 3 4.1 Level of Involvement . . . . . . . . . . . . 3 4.1.1 Low-Involvement Honeypot . . . . 3 4.1.2 Mid-Involvement Honeypot . . . . 3 4.1.3 High-Involvement Honeypot . . . . 3 4.1.4 Overview . . . . . . . . . . . . . . 4 4.2 Network Topologies and Honeynets . . . . 4 4.2.1 Honeypot Location . . . . . . . . . 4 4.2.2 Honeynets . . . . . . . . . . . . . . 5 4.3 Host based Information Gathering . . . . 5 4.3.1 Basic Possibilities . . . . . . . . . . 6 4.3.2 Microsoft Windows . . . . . . . . . 6 4.3.3 UNIX derivatives . . . . . . . . . . 6 4.4 Network based Information Gathering . . 7 4.4.1 Firewall . . . . . . . . . . . . . . . 8 4.4.2 IDS . . . . . . . . . . . . . . . . . 8 4.4.3 Encrypted Connections . . . . . . 8 4.5 Active Information Gathering . . . . . . . 8 4.6 Dangers . . . . . . . . . . . . . . . . . . . 9 4.7 Protecting Third Parties . . . . . . . . . . 9 4.8 Limiting Risk . . . . . . . . . . . . . . . . 9 4.9 Attractiveness . . . . . . . . . . . . . . . . 10
منابع مشابه
Data Collection and Data Analysis in Honeypots and Honeynets
Honeypots and honeynets are unconventional security tools to study techniques, methods, tools, and goals of attackers. Therefore, data analysis is an important part of honeypots and honeynets. In paper we focus on analysis of data collected from different honeypots and honeynets. We discuss framework to analyse honeypots’ and honeynets’ data. Also, we outline a secure way to transfer collected ...
متن کاملWhite Paper: .“Honeypot, Honeynet, Honeytoken: Terminological issues.”
Many different terms, definitions and classifications for honeypots, honeynets and other honeytokens have been proposed by several authors during the last 3 years. In this document, we offer a summary of the various proposals and we discuss their advantages and drawbacks. We also offer our own definition at the end of the paper.
متن کاملHoneypots: Basic Concepts, Classification and Educational Use as Resources in Information Security Education and Courses
This paper deals with the basic aspects of Honeypots, their use in modern computer networks and their implementation in educational environments. Initially, the implementation of Honeypots solves a common problem of Information Security and Forensics: The dissection of the elements that make up an attack against a computer system. Next, the paper explains the different types and functions of Ho...
متن کاملComparative Study of Different Honeypots System
–A honeypot is a closely monitored network decoy serving several purposes: it can distract adversaries from more valuable machines on a network, provide early warning about new attack and exploitation trends and allow indepth examination of adversaries during and after exploitation of a honeypot. The concept of honeypots was first proposed in Clifford Stoll's book “The Cuckoo's Egg", and Bill C...
متن کاملHoneypots: How do you know when you are inside one?
This paper will discuss honeypots and their use and effectiveness as a security measure in an IT environment. It will specifically discuss various methods of honeypot implementations. Furthermore, this paper will look into the weaknesses within a honeypot system. This will include attacks against honeypots and methods a hacker may use to detect the presence of a honeypot or the fact that he/she...
متن کاملA Markov Decision Process Model for High Interaction Honeypots
Honeypots, which are traps designed to resemble easy to compromise computer systems, have become essential tools for security professionals and researchers because of their significant contribution in disclosing the underworld of cybercirmes. However, recent years have witnessed the development of several anti-honeypot technologies. Botmasters can exploit the fact that honeypots should not part...
متن کامل