Honey po tppt

71 %
29 %
Information about Honey po tppt
Technology

Published on February 27, 2014

Author: araryaarya9

Source: slideshare.net

Description

Honeypot is a trap set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems.

HONEY POT

CONTENTS

Introduction A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems They are the highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering A honeypot is an information system resource whose value lies in unauthori z ed or illicit use of that resource.

What is honeypot?? • A Honey Pot is an intrusion detection technique used to study hackers movements. • Virtual machine that sits on a network or a client • Goals  Should look as real as possible!  Should be monitored to see if its being used to launch a massive attack on other systems  Should include files that are of interest to the hacker.

Historical Aspects 1 9 9 0 / 1 9 9 1 - t h e C u c ko o ’s E g g A n d E v e n i n g With B e r fe r d 1 9 9 7 – D e c e p t i o n To o l k i t 1998–Cybercop Sting 1998–Netfacade(and Snort) 1 9 9 8 – B A c ko f f i c e r F r i e n d l y 1999–Formation Of The Honeynet Project 2001–W orms Captured 2002–Dtspcd Exploit Capture

Fig:Honey pot

Classification B y level of Interaction High Low B y Implementation Virtual Physical B y purpose Production Research

Low interaction Honeypots They have limited interaction, they normally work by emulating services and operating systems. ..They simulate only services that cannot be exploited to get complete access to the honeypot. ..Attacker activity is limited to the level of emulation by the honeypot. .. Examples : Honeyd, High Interaction Honeypots They are usually complex solutions as they involve real operating systems and applications Nothing is emulated, the attackers are given the real thing. A high-interaction honeypot can be compromised completely, allowing an adversary to gain full access to the system and use it to launch further network attacks Examples : Honeynets.

Physical Virtual • Real machines • Own IP Addresses • Often high-interactive • Simulated by other machines that: • Respond to the traffic sent to the honeypots • May simulate a lot of (different) virtual honeypots at the same time.

Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations Prevention • There are no effective mechanisms • Deception, Deterrence, Decoys do NOT work against automated • attacks: worms, auto-rooters, mass-rooters Detection • Detecting the burglar when he breaks in Response • Can easily be pulled offline

Research Research honeypots are complex to deploy and maintain,capture extensive information, and are used primarily by research, military, or government organizations. Collect compact amounts of high value informatio n Discover new Tools and Tactics U nderstan d Motives, B ehavior, and Organi z ation Develop Analysis and Forensic Skills

Advantages Small data sets of high value. Easier and cheaper to analyz e the data Designed to capture anything thrown at them, including tools or tactics never used before Require minimal resources Work fine in encrypted or Ipv6 environments Can collect indepth information Conceptually very simple

Disadvantages Can only track and capture activity that directly interacts with them All security technologies have risk Building, configuring, deploying and maintaining a highinteraction honeypot is time consuming Difficult to analyze a compromised honeypot High interaction honeypot introduces a high level of risk Low interaction honeypots are easily detectable by skilled attack

Today’s concepts Primarily to identify threats and learn more Military,gover about them. nment organisations, security companies appling the technology. Commercial application increasing everyday.

Conclusion Can collect in depth data which no other technology can Different from others – its value lies in being attacked, probed or compromised Extremely useful in observing hacker movements and preparing the systems for future attacks Not a solution!

Add a comment

Related presentations

Related pages

E tppt - Documents

E tppt. by hyoseon. on Jul 21, 2015. Report Category: Documents. Download: 0 Comment: 0. 171. views. Comments. Description. Download E tppt. Transcript ...
Read more

TPR - What does TPR stand for? The Free Dictionary

TPR is listed in the World's largest and most authoritative dictionary database of ... TPPT; TPPU; TPPV; TPPW; TPQ; TPQFP; TPQL; TPQN; TPR; TPRA; TPRADFM ...
Read more

Antioxidant Effect of Thiamine on Acutely Alcoholized Rats ...

... (tr olox equiv alent antioxidant po wer) ... in the tissue-specific expression of TPPT was also suggested by the ... Honey reduces blood alcohol ...
Read more

Audio tes tppt - Education - documents

Audio tes tppt; Audio tes tppt Nov 18, 2014 Education lifelong-learning. System is processing data Please download to view 1
Read more

如何评价 Taylor Swift 的创作? - 音乐 - 知乎

有答主po了滚石对专辑的评价,我就po ... "Honey Bee" — Blake Shelton *WINNER "Mean" — Taylor Swift "Mama's Song" — Carrie Underwood
Read more

Infant and Toddler Growth and Development - PowerShow

Infant and Toddler Growth and Development. Description:... Disorders Eczema (5-7% Infants) RT allergies (egg, soy and cow s milk) Ig E levels RT Histamine, ...
Read more

Patent US20100120639 - Lubricant blend composition ...

The present invention relates to a lubricant composition. The present invention more particularly relates to a fully miscible lubricant composition that ...
Read more

Toxic Substances Control Act Trademarks And Product Names ...

----- PREFACE The Trademark and Product Name List was compiled in conjunction with the Toxic Substances Control Act (TSCA) Chemical Substance Inventory.
Read more