Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Overview: Honeypots

Published byAnne Lewis Modified over 5 years ago

Similar presentations

Presentation on theme: "Security Overview: Honeypots"— Presentation transcript:

1 Security Overview: Honeypots
Stuart Hoxie

2 General Concept Honeypot Servers are an intrusion detection system for medium, large and experimental networks. As the name implies, honeypots are used to attract and trap malicious traffic. Primary Values in being: Probed Attacked Compromised

3 Honeypot Solutions Generally there are three solutions for what a Honeypot server can do: Deceive attackers Detect attacks/attackers Be compromised and learned from

4 Achieving The Three Goals
In order to achieve the three primary goals, the system should: Look as real as possible. Be constantly monitored and surveyed. Appear as usable and meaningful as the real thing

5 How It Works Attackers are drawn to large deposits of valuable informations and honeypots exploit this. By faking information and hiding their true purpose, a well placed server can contribute to overall network security. These servers are exposed and are rather difficult to break, not impossible. This makes them more a legitimate target. Monitoring and Tracking tools are loaded to trace all activity of the attackers in detail. Using many Honeypots is considered a Honeynet.

6 How It Works Example:

7 Why We Use Honeypots Divert attention from the real network
Building attacker profiles Identify new vulnerabilities and risks associated with new software Capture & study new viruses, worms, and other malware

8 Research Honeypots Criteria:
Not implemented for the purpose of protecting a network Used to study attack patterns, behaviors, offensive tools, and other threats Education/research driven

9 Production Honeypots Criteria:
Implemented for the purpose of protecting an organization or environment Directly assist in securing a network Detection, prevention, and response For example Tarpits can be used to slow down automated attacks and worms. For humans, psychological defenses are used. Confusing the attacker with complex or unordinary layouts/design, misleading or deceiving and deterring attacks.

10 Advantages Live and Gathering Resources Information Gathering
Designed to capture anything that interacts with them Unknown can be researched Resources Basic machines can be implemented to handle large networks Information Gathering Collect detailed information on all interactions as a security incident tool Real Environments IPv6/v4 implementation Simplicity Basic to design, implement and install Tactics never seen before and Zero day attacks can be researched and analysed

11 Disadvantages Vision Risk
Limited to implemented scope and interaction with them Inability to support/analyse neighbors Risk Potential to hijacking and leveraging Misconfiguration

12 Resources

Download ppt "Security Overview: Honeypots"

Similar presentations

Uzair Masood 100111089 MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.

Uzair Masood MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.
HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
Honeypots Presented by Javier Garcia April 21, 2010.

Honeypots Presented by Javier Garcia April 21, 2010.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
EECS 598-2 Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.

EECS Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
PNW Honeynet Overview. Agenda What is a Honeynet What is the PNW Honeynet Alliance Who is involved in the project Where to get more information.

PNW Honeynet Overview. Agenda What is a Honeynet What is the PNW Honeynet Alliance Who is involved in the project Where to get more information.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
Honeypot An instrument for attracting and detecting attackers Adapted from R. Baumann.

Honeypot An instrument for attracting and detecting attackers Adapted from R. Baumann.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

Similar presentations

Ads by Google