honeypot basics
TRANSCRIPT
![Page 1: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/1.jpg)
HONEYPOTS
HONEYPOTS
BY:-Manoj KumawatR. No. 13075029
![Page 2: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/2.jpg)
HONEYPOTS
• What is honeypot ?
A honeypot is a computer security mechanism set to detect, deflect or counteract attempts at unauthorized use of information system.
It’s simply a TRAP to attacker.
![Page 3: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/3.jpg)
HONEYPOTS
• How it works ?
A honeypot consists of data that appears to be a legitimate part of the site but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, which are then blocked.
![Page 4: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/4.jpg)
HONEYPOTS
![Page 5: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/5.jpg)
HONEYPOTS
Architecture:
•As a bait•Just some regular system•More attractive
![Page 6: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/6.jpg)
HONEYPOTS
![Page 7: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/7.jpg)
HONEYPOTS
• HONEYPOT CLASSIFICATION:By Implementation
• Virtual• Physical
By purpose• Production• Research
By level of interaction• High• Low• Middle?
![Page 8: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/8.jpg)
HONEYPOTS
• IMPLEMENTATION OF HONEYPOT:Physical
• Real machines• Own IP Addresses• Often high-interactive
Virtual• Simulated by other machines that:
– Respond to the traffic sent to the honeypots– May simulate a lot of virtual honeypots at the
same time
![Page 9: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/9.jpg)
HONEYPOTS
• PROPOSE OF HONEYPOT:Research
Complex to deploy and maintain.Captures extensive information.Run by a volunteer(non-profit).Used to research the threats organization face.
ProductionEasy to useCapture only limited informationUsed by companies or corporationsMitigates risks in organization
![Page 10: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/10.jpg)
HONEYPOTS
• INTERACTION LEVEL:• Low Interaction
• High Interaction
![Page 11: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/11.jpg)
HONEYPOTS• LOW INTERACTION VS. HIGH INTERACTION:
![Page 12: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/12.jpg)
HONEYPOTS
• Placement of honeypot
In front of the firewall (Internet)DMZ (De-Militarized Zone)Behind the firewall (intranet)
![Page 13: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/13.jpg)
HONEYPOTS
![Page 14: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/14.jpg)
HONEYPOTS
Honeypot Values:
•Prevention•Detection•Response
![Page 15: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/15.jpg)
HONEYPOTS
Prevention:
•Keeping the burglar out of your house.•Honeypots, in general are not effective prevention mechanisms.
![Page 16: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/16.jpg)
HONEYPOTS
Detection:
•Detecting the burglar when he breaks in.
![Page 17: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/17.jpg)
HONEYPOTS
Response:
•Honeypots can be used to help respond to an incident.
![Page 18: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/18.jpg)
HONEYPOTS
![Page 19: Honeypot Basics](https://reader036.vdocuments.site/reader036/viewer/2022081502/5878e3011a28abfa038b4e2f/html5/thumbnails/19.jpg)