Honey pot
-
Upload
aashish-shrestha -
Category
Internet
-
view
43 -
download
0
Transcript of Honey pot
HONEY POTPRESENTER: Shishir Tamang
WHAT IS HONEY POT
Honey pot is an security mechanism which is used for monitoring, detecting and analyzing attacks.
Basically kept in a network which is not secure There are about two million honey pot around the world
Types of interaction
Low interaction High interaction• Looks and acts like operating
system• Easy to install• Minimal risk• Captures bit of information
• Real operating system with services
• Complex to install and deploy• Increased risk• Captures lot of information
It is about weighing risk verse reward
HIGH INTERACTION HONEYNET
Information they gather
How the attacker entered the system and from where What is being deleted or added Key strokes of the person typing What malware is being used IP addresses of attacker
Ethical Concerns
Entrapment Privacy Liability
Best Practices
Should be used with other security devices Banner at login screen Prevent all outgoing traffic from honey pot Have a blank command line Limit exposer of honeypot to rest of the network
Conclusion
Using honeypot is all about risk Proper setup is key Simple steps helps reduce an illegal issue Follow best practices