HoneyPorts presentation Presented by Talha Riaz
-
Upload
talha-riaz -
Category
Documents
-
view
317 -
download
5
Transcript of HoneyPorts presentation Presented by Talha Riaz
![Page 1: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/1.jpg)
Honeypots
By: Talha Riaz
![Page 2: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/2.jpg)
History of Honeypots
• 1990/1991 The Cuckoo’s Egg and Evening with Berferd.
• 1997 - Deception Toolkit.
• 1998 - CyberCop Sting.
• 1998 - NetFacade (and Snort).
• 1998 - BackOfficer Friendly.
• 1999 - Formation of the Honeynet Project.
• 2001 - Worms captured.
![Page 3: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/3.jpg)
Definition
A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. (This includes the hacker, cracker, and script kiddy.)
Honey Pot Systems are decoy servers or systems setup to gather information regarding an attacker or intruder into your system. It is important to remember that Honey Pots do not replace other traditional Internet security systems; they are an additional level or system.
![Page 4: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/4.jpg)
Level of Interaction Low Interaction
Simulates some aspects of the system
Honeyd
Easy to deploy, minimal risk
Limited Information
High Interaction
Simulates all aspects of the OS: real systems
Can be compromised completely, higher risk
More Information
Honeynet
![Page 5: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/5.jpg)
Level of Interaction
![Page 6: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/6.jpg)
Physical vs. Virtual Honeypots
Physical Honeypots
are actual (physical)
computers that are
set up with additional
logging and security
mechanisms
o Virtual Honeypots are a software package that allows you to fake numerous computer distributions at various places over the network from one computer.
![Page 7: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/7.jpg)
Physical, Virtual Honeypots And
Hybrid System
![Page 8: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/8.jpg)
![Page 9: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/9.jpg)
Classification of Honeypot
![Page 10: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/10.jpg)
Location of Honeypots
In front of the firewall
Demilitarized Zone
Behind the firewall (Intranet)
![Page 11: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/11.jpg)
Conclusion The implementation I created addressed the problems
with open source Honeypots.
Virtualization makes easy to deploy honeypots .
Honeyd needs some improvements to make this system as complete and functional as it could be.
Moving Honeypot technology to easy to deploy read-only mediums is the best implementation.
![Page 12: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/12.jpg)
References
http://searchsecurity.techtarget.com/definition/
honey-pot
https://www.sans.org/security-
resources/idfaq/honeypot3.php
![Page 13: HoneyPorts presentation Presented by Talha Riaz](https://reader031.fdocuments.in/reader031/viewer/2022021923/58ecb16b1a28aba9608b4617/html5/thumbnails/13.jpg)