HONEYPOT

Honeypot ppt1


Page 1: Honeypot ppt1

HONEYPOT


INTRODUCTION

The purposes of a honeypot are to detect and learn from attacks and to use that information to provide network security.

Honeypots are classified by their role, that is, whether they are used for production or for research.

DEFINITION OF HONEYPOT:

"A honeypot is a security resource whose value lies in being probed, attacked, or compromised."

A honeypot is a system that is built and set up in order to be hacked.


HISTORY

1990-1991: The first honeypot studies were released by Clifford Stoll and Bill Cheswick.

1997: Deception Toolkit version 0.1 was introduced by Fred Cohen.

1998: The first commercial honeypot, known as Cyber Cop Sting, was released.


CONTINUED….

1998: The Back Officer Friendly honeypot was introduced. It was free and easy to configure. It runs on the Windows operating system.

1999: After Back Officer Friendly, interest in this new technology grew. The Honeynet Project started this year, and people came to understand the aim of honeypots better.


ARCHITECTURE OF HONEYPOT


HONEYPOT VALUE

• Prevention: prevent automated attacks (worms and auto-rooters)

• Detection: identify a failure or breakdown in prevention

• Response


TYPES OF HONEYPOT

Research
• Complex to deploy and maintain.
• Captures extensive information.
• Run by a volunteer (non-profit).
• Used to research the threats organizations face.

Production
• Easy to use
• Captures only limited information
• Used by companies or corporations
• Mitigates risks in the organization


LEVEL OF HONEYPOT

Level of interaction determines the amount of functionality a honeypot provides.

LOW INTERACTION: low learning, complexity & risk

HIGH INTERACTION: high learning, complexity & risk


HIGH LEVEL INTERACTION

The load on high-interaction honeypots is reduced by preprocessing the traffic with low-interaction honeypots as much as possible.

A high-interaction honeypot can be compromised completely, allowing an adversary to gain full access to the system and use it to launch further network attacks.

In high-interaction honeypots nothing is emulated; everything is real.

High-interaction honeypots provide a far more detailed picture of how an attack or intrusion progresses or how a particular piece of malware executes in real time.


LOW LEVEL INTERACTION

This kind of honeypot has a small chance of being compromised.

It is a production honeypot.

Typical uses of a low-interaction honeypot include:

• port scan identification,
• generation of attack signatures,
• trend analysis and malware collection.
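
Port scan identification, the first use listed above, as an added example that is not part of the original slides: because a honeypot has no production use, every connection to it is suspect, and a source that touches several distinct ports within a short window is labelled a scan. The log format, the sample addresses and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records ("timestamp src_ip dst_port"), not real capture data.
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.7 22
2024-01-01T10:00:01 198.51.100.7 23
2024-01-01T10:00:02 198.51.100.7 80
2024-01-01T10:00:03 198.51.100.7 443
2024-01-01T10:00:04 198.51.100.7 3389
2024-01-01T10:05:00 203.0.113.9 22
2024-01-01T10:05:02 203.0.113.9 22
2024-01-01T11:30:00 192.0.2.44 80
2024-01-01T12:45:00 192.0.2.44 8080
not a valid line
"""

def parse(log):
    """Yield (time, src, port) tuples, skipping malformed lines."""
    for line in log.splitlines():
        try:
            ts, src, port = line.split()
            yield datetime.fromisoformat(ts), src, int(port)
        except ValueError:
            continue  # wrong field count, bad timestamp or non-numeric port

def classify(log, min_ports=4, window=timedelta(seconds=60)):
    """Label a source 'port-scan' if it hit >= min_ports distinct ports
    inside any sliding time window, otherwise 'probe'."""
    by_src = defaultdict(list)
    for ts, src, port in parse(log):
        by_src[src].append((ts, port))
    verdicts = {}
    for src, events in by_src.items():
        events.sort()
        verdict, start = "probe", 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events that fell out of the window
            if len({p for _, p in events[start:end + 1]}) >= min_ports:
                verdict = "port-scan"
                break
        verdicts[src] = verdict
    return verdicts

if __name__ == "__main__":
    for src, verdict in classify(SAMPLE_LOG).items():
        print(src, verdict)
```

Sources labelled "probe" are still suspect on a honeypot; the label only separates broad scanning from repeated contact with one service.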


LOW INTERACTION VS. HIGH INTERACTION


PLACEMENT OF HONEYPOT

• In front of the firewall (Internet)
• DMZ (De-Militarized Zone)
• Behind the firewall (intranet)


HONEYPOT TOPOLOGY

There are two main types of honeypot topologies:

• Honeynet
• Virtual Honeypot

Honeynet:

• Two or more honeypots on a network form a honeynet.
• Actual network of computers
• High-interaction honeypot
• It's an architecture, not a product


CONTINUED..

How a honeynet works: monitoring, capturing, and analyzing all the packets entering or leaving through the network.

All traffic entering or leaving through the honeynet is naturally suspect.

Provides real systems, applications, and services for attackers to interact with.

Any traffic entering or leaving is suspect.


DATA CONTROL OF HONEYWALL

[Diagram labels: Internet, "No Restrictions", "No Restrictions", Honeypot, Honeypot]


ADVANTAGES OF HONEYPOTS

Honeypots are focused (small data sets)

Honeypots help to catch unknown attacks

Honeypots can capture encrypted activity (cf. Sebek)

Honeypots work with IPv6

Honeypots are very flexible (advantage/disadvantage?)

Honeypots require minimal resources


DISADVANTAGES OF HONEYPOT

Limited View: honeypots can only track and capture activity that directly interacts with them.

Specifically, honeypots have the risk of being taken over by the bad guy and being used to harm other systems. This risk varies for different honeypots.


CONCLUSION

The purpose of this topic was to define what honeypots are and their value to the security community.

We identified two different types of honeypots: low-interaction and high-interaction honeypots.

Honeypots are not a solution; they are a flexible tool with different applications to security.

Their primary value is in detection and information gathering.

Just the beginning for honeypots.

"The more you know about your enemy, the better you can protect yourself"
