Honeypot Explained (Security)posted by Anna Mar, June 05, 2013
What Is It?A honeypot is decoy designed to distract attackers from your information infrastructure.
A honeypot is typically set up with vulnerabilities that attackers find attractive. The honeypot contains no valuable data and is separated from your core infrastructure and information. Honeypots are actively monitored to collect information and trigger alerts.
They are essentially a trap designed to detect, deflect or counteract attacks on information infrastructure.
So What?Honeypots are a common security technique for defense and intelligence gathering.
Attackers tend to be attracted to vulnerabilities and may find it difficult to distinguish real infrastructure from a honeypot. Honeypots are a timeless strategy that don't depend on known patterns of attack.
Honeypots may be built into security infrastructure and software.
Types of HoneypotThere are several types of honeypot:
- High-interaction honeypot: a honeypot that allows an intruder to interact with infrastructure such as operating systems and networks. The purpose is to keep the intruder engaged to capture as much information as possible.
- Low-interaction honeypot: a honeypot that provides a limited set of emulated services to an intruder. This collects less information but can be highly efficient for dealing with high volume attacks such as a distributed denial of service.
- Pure honeypots: an emulated vulnerability set up as a trap on an actual production system.
- Production honeypots: a honeypot designed to protect production infrastructure.
- Research honeypots: a honeypot designed to conduct intelligence gathering or research. For example, open relay honeypots are used to collect information on email spammers.
- Honeynet: a network of honeypots.
- Honeytokens: a non-infrastructure honeypot such as a intentionally compromised username and password.
- Client honeypot: a client that connects to servers to see if those servers attack the client.
Security Techniques |
A list of information security strategies and techniques.
How to win EA supporters and influence people with sound bites.|
Keeping your dashboard designs simple.|
Perfectly elegant architectures that are perfectly out of touch.|
Yes and no. There's no ITIL certification process offered by ITIL itself. However, an organization that's reached ITIL maturity can generally be ISO 20000 certified.|