Honeypot :
It is like a trap to help fight unauthorized access by any attacker. Usually it contains a computer, data and network site that seems to be on a network but actually monitored and isolated and has confidential information which may be of any attacker's interest.
Types of honeypots -
Honeypots can be classified by two categories-
1) According to deployment
2) According to design criteria
Types of honeypots according to deployment -
1) Production honeypots:
-Easy to use.
-Capture limited information.
-Placed inside production network with other production servers.
-Low-interaction honeypots.
2) Research honeypots:
-Run to acquire information about the actual tactics and intention of the blackhat hacker.
-Used to research the threats any company face and to learn how to better protect by those threats to that company.
-Complex to deploy and maintain.
-Capture huge information.
-Used by research, government, security providing organizations etc.
Types of honeypots according to design criteria -
1) Pure honeypots :
-Attacker's activities are monitored using casual tap that has been installed on the honeypot's link to the network.
-No other software installation is required.
2) High-interaction honeypots :
-Imitate the activities of real systems.
-Provide more security.
-Difficult to detect.
-Expensive to maintain.
-If virtual machines are not available then one honeypot must be maintained for each physical computer that is expensive e.g. Honeynet
3) Low-interaction honeypots :
-Simulate frequently requested services for attacker.
-Less complex than high-interaction honeypots e.g.- Honeyd
It is like a trap to help fight unauthorized access by any attacker. Usually it contains a computer, data and network site that seems to be on a network but actually monitored and isolated and has confidential information which may be of any attacker's interest.
Types of honeypots -
Honeypots can be classified by two categories-
1) According to deployment
2) According to design criteria
Types of honeypots according to deployment -
1) Production honeypots:
-Easy to use.
-Capture limited information.
-Placed inside production network with other production servers.
-Low-interaction honeypots.
2) Research honeypots:
-Run to acquire information about the actual tactics and intention of the blackhat hacker.
-Used to research the threats any company face and to learn how to better protect by those threats to that company.
-Complex to deploy and maintain.
-Capture huge information.
-Used by research, government, security providing organizations etc.
Types of honeypots according to design criteria -
1) Pure honeypots :
-Attacker's activities are monitored using casual tap that has been installed on the honeypot's link to the network.
-No other software installation is required.
2) High-interaction honeypots :
-Imitate the activities of real systems.
-Provide more security.
-Difficult to detect.
-Expensive to maintain.
-If virtual machines are not available then one honeypot must be maintained for each physical computer that is expensive e.g. Honeynet
3) Low-interaction honeypots :
-Simulate frequently requested services for attacker.
-Less complex than high-interaction honeypots e.g.- Honeyd
No comments:
Post a Comment