SlideShare una empresa de Scribd logo
1 de 34
Descargar para leer sin conexión
HONEYPOTS

PRESENTED BY KAJAL MITTAL
B.TECH(IT) 5TH SEM

DATE – 11TH SEPTEMBER, 2013
ABSTRACT

 Countermeasure to detect or prevent attacks
 Know attack strategies
 Gather information which is then used to better
identify, understand and protect against
threats.
 Divert hackers from productive systems
PURPOSE

The Problem

Honeypots
THE PROBLEM

 The Internet security is hard
 New attacks every day
 Our computers are static targets

 What should we do?
 The more you know about your enemy, the better you
can protect yourself
 Fake target
CYBERTERRORISM:
TODAY AND TOMORROW
Cost of Capability

Availability of Capability

1945

Invasion

1955

Strategic
Nuclear
Weapons

1960

1970

1975

1985

Today

Cruise Missile Precision
Computer
Guided
Missiles
Munitions
ICBM & SLBM
Malicious code or malicious software is a
software program designed to
access a computer without the owners
consent or permission.

Problem(s) via computer
INTRODUCTION


 A honeypot can be almost any type of server or
application that is meant as a tool to catch or trap an
attacker.
 A honeypot is an internet attached server that acts as
decoy , luring in potential hackers in order to study
their activities and monitor how they are able to
break into a system.
History of Honeypots

 1990/1991 The Cuckoo’s Egg and Evening with
Berferd
 1997 - Deception Toolkit
 1998 - CyberCop Sting
 1998 - NetFacade (and Snort)
 1998 - BackOfficer Friendly
 1999 - Formation of the Honeynet Project
 2001 - Worms captured
Continue…


 The idea of honeypots began in 1991 with two
publications, “The Cuckoos Egg” and “An Evening with
Breferd ”.
 “The Cuckoos Egg” by Clifford Stoll was about his
experience catching a computer hacker that was in his
corporation searching for secrets.

 The other publication, “An Evening with Berferd” by Bill
Chewick is about a computer hacker’s moves through
traps that he and his colleagues used to catch him. In both
of these writings were the beginnings of what became
honeypots.
Continue…

 The first type of honeypot was released in 1997
called the Deceptive Toolkit. The point of this kit was
to use deception to attack back.
 In 1998 the first commercial honeypot came out. This
was called Cybercop Sting.
 In the year, 2005, The Philippine Honeypot Project
was started to promote computer safety over in the
Philippines.
What is Honeypot?

 In computer terminology, a honeypot is a trap set to
detect, deflect, or in some manner counteract
attempts at unauthorized use of information
systems.
 Generally it consists of a computer, data, or a
network site that appears to be part of a network, but
is actually isolated and monitored, and which seems
to contain information or are source of value to
attackers.
LOCATION

 In front of the firewall(Internet)
 DMZ(demilitarized zone)
DMZ is to add an additional layer of security to
an organization's local area network (LAN).
 Behind the firewall
Placement of Honeypot

Types of Honeypots

 By level of interaction
 High
 Low
 Pure

 By Implementation
 Virtual
 Physical

 By purpose
 Production
 Research
Level of Interaction


 Low Interaction





Easy to deploy, minimal risk
Limited Information
Simulate services frequently requested by attackers
Honeyd

 High Interaction






Highly expensive to maintain
Can be compromised completely, higher risk
More Information
Provide more security by being difficult to detect
Honeynet
Pure Honeypots


 Pure honeypots are full-fledged production systems .
 The activities of the attacker are monitored using a casual tap
that has been installed on the honeypot's link to the network.
No other software needs to be installed.
Level of Interaction


Low

Fake Daemon

Medium

Operating system

Disk

High

Other
local
resource
On Implementation basis


 Two types
 Physical
 Real machines
 Own IP Addresses
 Often high-interactive

 Virtual
 Simulated by other machines that:
 Respond to the traffic sent to the honeypots
 May simulate a lot of (different) virtual honeypots at the
same time
How do HPs work?


Prevent
Detect

Response

No connection

Monitor

Attackers

Attack Data

HoneyPot A

Gateway
Basis of Deployment

 Based on deployment, honeypots maybe classified
as:
 1. Production honeypots
 2. Research honeypots
Production HPs: Protect the systems


 Prevention
 Keeping the bad guys out
 not effective prevention mechanisms.
 Deception, Deterence , Decoys do NOT work against
automated attacks: worms, auto-rooters, mass-rooters

 Detection
 Detecting the burglar when he breaks in.
 Great work

 Response
 Can easily be pulled offline
 Little to no data pollution
Research HPs: gathering information



 Collect compact amounts of high value information
 Discover new Tools and Tactics
 Understand Motives, Behavior, and Organization
 Develop Analysis and Forensic Skills
 Not add direct value to a specific organization
 HONEYNET
Honeyd: A virtual honeypot application, which allows us
to create thousands of IP addresses with virtual machines
and corresponding network services.
What is a Honeynet

 High-interaction honeypot designed to:
 capture in-depth information
 learn who would like to use your
system without your permission
for their own ends

 Its an architecture, not a product or software.
 Populate with live systems.
 Can look like an actual production system
Diagram of Honeynet

Diagram of Honeynet

ADVANTAGES

 Provides security to the systems.
 Data Value : Honeypots can give you the precise information
you need in a quick and easy-to-understand format.
 Resources : The honeypot only captures activities directed at
itself, so the system is not overwhelmed by the traffic.
 It can be a relatively cheap computer.
 Simplicity : There are no fancy algorithms to develop, no
signature databases to maintain, no rule bases to misconfigure.
Honeypot ss
DISADVANTAGES

 Narrow Field of View : They only see what activity is
directed against them.
 Fingerprinting : Fingerprinting is when an attacker
can identify the true identity of a honeypot because
it has certain expected characteristics or behaviors.
 Risk : By risk, we mean that a honeypot, once
attacked, can be used to attack, infiltrate, or harm
other systems or organizations.
CONCLUSION

 Just the beginning for honeypots.
 Honeypots are not a solution, they are a flexible tool
with different applications to security.
 Primary value in detection and information
gathering.
 Yet, honeypot technology is moving ahead
rapidly, and, in a year or two, honeypots will be
hard to ignore.
REFERENCES

 http://searchsecurity.techtarget.com/feature/Honeyp
ot-technology-How-honeypots-work-in-the-enterprise
 http://searchsecurity.techtarget.com/definition/honey
-pot
 http://www.euractiv.com/specialreportcybersecurity/europe-needs-honeypots-trap-cybenews-518279
 http://www.technologyreview.com/news/514216/ho
neypots-lure-industrial-hackers-into-the-open/
 http://www.tomshardware.com/news/microsoftpatent-honeypot-security-network,15659.html
References

 http://my.safaribooksonline.com/book/networking/sec
urity/0321108957/the-value-of-honeypots/ch04lev1sec2
 http://www.123seminarsonly.com/SeminarReports/012/53599210-Honey-Pots.pdf
 http://searchsecurity.techtarget.com/feature/Honeypottechnology-How-honeypots-work-in-the-enterprise
 http://ezinearticles.com/?Malicious-Code-and-ItsOrigins&id=4500377
QUERY?
Honeypot ss

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot ppt1
Honeypot ppt1Honeypot ppt1
Honeypot ppt1
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief Overview
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876
 
Seminar Report on Honeypot
Seminar Report on HoneypotSeminar Report on Honeypot
Seminar Report on Honeypot
 
Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & Honeynets
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynets
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honey po tppt
Honey po tpptHoney po tppt
Honey po tppt
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
 
Honeypot Basics
Honeypot BasicsHoneypot Basics
Honeypot Basics
 
Honeypot seminar report
Honeypot seminar reportHoneypot seminar report
Honeypot seminar report
 
Virtual honeypot
Virtual honeypotVirtual honeypot
Virtual honeypot
 
Honey pots
Honey potsHoney pots
Honey pots
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deception
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its types
 
Honeypot2
Honeypot2Honeypot2
Honeypot2
 
Honeypots
HoneypotsHoneypots
Honeypots
 

Destacado

Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...
Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...
Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...Hackfest Communication
 
Honey Potz - BSides SLC 2015
Honey Potz - BSides SLC 2015Honey Potz - BSides SLC 2015
Honey Potz - BSides SLC 2015Ethan Dodge
 
Interactive presentation screen format 16-9 - minimal for slideshare
Interactive presentation   screen format 16-9 - minimal for slideshareInteractive presentation   screen format 16-9 - minimal for slideshare
Interactive presentation screen format 16-9 - minimal for slidesharePatrick Keyzer
 
Computing (cloude & grid) & honey pots
Computing (cloude & grid) & honey potsComputing (cloude & grid) & honey pots
Computing (cloude & grid) & honey potsVarun Sharma
 
Honeypot Presentation - Using Honeyd
Honeypot Presentation - Using HoneydHoneypot Presentation - Using Honeyd
Honeypot Presentation - Using Honeydicanhasfay
 
Honeypots - November 8th Misec presentation
Honeypots - November 8th Misec presentationHoneypots - November 8th Misec presentation
Honeypots - November 8th Misec presentationTazdrumm3r
 

Destacado (16)

Lecture 7
Lecture 7Lecture 7
Lecture 7
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honey Pot
Honey PotHoney Pot
Honey Pot
 
Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...
Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...
Comment détecter des virus inconnus en utilisant des « honey pots » et d’autr...
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honey Potz - BSides SLC 2015
Honey Potz - BSides SLC 2015Honey Potz - BSides SLC 2015
Honey Potz - BSides SLC 2015
 
Interactive presentation screen format 16-9 - minimal for slideshare
Interactive presentation   screen format 16-9 - minimal for slideshareInteractive presentation   screen format 16-9 - minimal for slideshare
Interactive presentation screen format 16-9 - minimal for slideshare
 
Computing (cloude & grid) & honey pots
Computing (cloude & grid) & honey potsComputing (cloude & grid) & honey pots
Computing (cloude & grid) & honey pots
 
Honeypots
HoneypotsHoneypots
Honeypots
 
CDE future sonar webinar
CDE future sonar webinar CDE future sonar webinar
CDE future sonar webinar
 
Ppt
PptPpt
Ppt
 
Honeypot Project
Honeypot ProjectHoneypot Project
Honeypot Project
 
Honey pot in cloud computing
Honey pot in cloud computingHoney pot in cloud computing
Honey pot in cloud computing
 
GIS for Defence
GIS for DefenceGIS for Defence
GIS for Defence
 
Honeypot Presentation - Using Honeyd
Honeypot Presentation - Using HoneydHoneypot Presentation - Using Honeyd
Honeypot Presentation - Using Honeyd
 
Honeypots - November 8th Misec presentation
Honeypots - November 8th Misec presentationHoneypots - November 8th Misec presentation
Honeypots - November 8th Misec presentation
 

Similar a Honeypot ss

Tushar mandal.honeypot
Tushar mandal.honeypotTushar mandal.honeypot
Tushar mandal.honeypottushar mandal
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network SecurityKirubaburi R
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applicationsijtsrd
 
Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1NihanthReddyBalaiahg
 
Infa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsInfa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsChelsea Porter
 
Paper id 312201513
Paper id 312201513Paper id 312201513
Paper id 312201513IJRAT
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
 
Learn Hacking With Gflixacademy
Learn Hacking With GflixacademyLearn Hacking With Gflixacademy
Learn Hacking With GflixacademyGaurav Mishra
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An OverviewIRJET Journal
 
The use of honeynet to detect exploited systems (basic version)
The use of honeynet to detect exploited systems (basic version)The use of honeynet to detect exploited systems (basic version)
The use of honeynet to detect exploited systems (basic version)amar koppal
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with aiBurhan Ahmed
 
Unit 3 Assignment 2 System Security
Unit 3 Assignment 2 System SecurityUnit 3 Assignment 2 System Security
Unit 3 Assignment 2 System SecurityJennifer Letterman
 
Growing Threat Of Computer Crimes
Growing Threat Of Computer CrimesGrowing Threat Of Computer Crimes
Growing Threat Of Computer CrimesTheresa Singh
 

Similar a Honeypot ss (20)

Honeypots
HoneypotsHoneypots
Honeypots
 
Tushar mandal.honeypot
Tushar mandal.honeypotTushar mandal.honeypot
Tushar mandal.honeypot
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network Security
 
Honey pots
Honey potsHoney pots
Honey pots
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applications
 
Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1
 
HoneyPots.pptx
HoneyPots.pptxHoneyPots.pptx
HoneyPots.pptx
 
Infa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsInfa 610 Final Exam Solutions
Infa 610 Final Exam Solutions
 
Paper id 312201513
Paper id 312201513Paper id 312201513
Paper id 312201513
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
 
Learn Hacking With Gflixacademy
Learn Hacking With GflixacademyLearn Hacking With Gflixacademy
Learn Hacking With Gflixacademy
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An Overview
 
The use of honeynet to detect exploited systems (basic version)
The use of honeynet to detect exploited systems (basic version)The use of honeynet to detect exploited systems (basic version)
The use of honeynet to detect exploited systems (basic version)
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot
HoneypotHoneypot
Honeypot
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
 
Unit 3 Assignment 2 System Security
Unit 3 Assignment 2 System SecurityUnit 3 Assignment 2 System Security
Unit 3 Assignment 2 System Security
 
Growing Threat Of Computer Crimes
Growing Threat Of Computer CrimesGrowing Threat Of Computer Crimes
Growing Threat Of Computer Crimes
 

Último

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapitolTechU
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxMYDA ANGELICA SUAN
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfTechSoup
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...Nguyen Thanh Tu Collection
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and stepobaje godwin sunday
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17Celine George
 
CAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxCAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxSaurabhParmar42
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17Celine George
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxraviapr7
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 

Último (20)

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptx
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and step
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17
 
CAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxCAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptx
 
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdfPersonal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptx
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
Finals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quizFinals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quiz
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 

Honeypot ss

  • 1. HONEYPOTS  PRESENTED BY KAJAL MITTAL B.TECH(IT) 5TH SEM DATE – 11TH SEPTEMBER, 2013
  • 2. ABSTRACT   Countermeasure to detect or prevent attacks  Know attack strategies  Gather information which is then used to better identify, understand and protect against threats.  Divert hackers from productive systems
  • 4. THE PROBLEM   The Internet security is hard  New attacks every day  Our computers are static targets  What should we do?  The more you know about your enemy, the better you can protect yourself  Fake target
  • 5. CYBERTERRORISM: TODAY AND TOMORROW Cost of Capability Availability of Capability 1945 Invasion 1955 Strategic Nuclear Weapons 1960 1970 1975 1985 Today Cruise Missile Precision Computer Guided Missiles Munitions ICBM & SLBM
  • 6. Malicious code or malicious software is a software program designed to access a computer without the owners consent or permission. Problem(s) via computer
  • 7. INTRODUCTION   A honeypot can be almost any type of server or application that is meant as a tool to catch or trap an attacker.  A honeypot is an internet attached server that acts as decoy , luring in potential hackers in order to study their activities and monitor how they are able to break into a system.
  • 8. History of Honeypots   1990/1991 The Cuckoo’s Egg and Evening with Berferd  1997 - Deception Toolkit  1998 - CyberCop Sting  1998 - NetFacade (and Snort)  1998 - BackOfficer Friendly  1999 - Formation of the Honeynet Project  2001 - Worms captured
  • 9. Continue…   The idea of honeypots began in 1991 with two publications, “The Cuckoos Egg” and “An Evening with Breferd ”.  “The Cuckoos Egg” by Clifford Stoll was about his experience catching a computer hacker that was in his corporation searching for secrets.  The other publication, “An Evening with Berferd” by Bill Chewick is about a computer hacker’s moves through traps that he and his colleagues used to catch him. In both of these writings were the beginnings of what became honeypots.
  • 10. Continue…   The first type of honeypot was released in 1997 called the Deceptive Toolkit. The point of this kit was to use deception to attack back.  In 1998 the first commercial honeypot came out. This was called Cybercop Sting.  In the year, 2005, The Philippine Honeypot Project was started to promote computer safety over in the Philippines.
  • 11. What is Honeypot?   In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.  Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or are source of value to attackers.
  • 12. LOCATION   In front of the firewall(Internet)  DMZ(demilitarized zone) DMZ is to add an additional layer of security to an organization's local area network (LAN).  Behind the firewall
  • 14. Types of Honeypots   By level of interaction  High  Low  Pure  By Implementation  Virtual  Physical  By purpose  Production  Research
  • 15. Level of Interaction   Low Interaction     Easy to deploy, minimal risk Limited Information Simulate services frequently requested by attackers Honeyd  High Interaction      Highly expensive to maintain Can be compromised completely, higher risk More Information Provide more security by being difficult to detect Honeynet
  • 16. Pure Honeypots   Pure honeypots are full-fledged production systems .  The activities of the attacker are monitored using a casual tap that has been installed on the honeypot's link to the network. No other software needs to be installed.
  • 17. Level of Interaction  Low Fake Daemon Medium Operating system Disk High Other local resource
  • 18. On Implementation basis   Two types  Physical  Real machines  Own IP Addresses  Often high-interactive  Virtual  Simulated by other machines that:  Respond to the traffic sent to the honeypots  May simulate a lot of (different) virtual honeypots at the same time
  • 19. How do HPs work?  Prevent Detect Response No connection Monitor Attackers Attack Data HoneyPot A Gateway
  • 20. Basis of Deployment   Based on deployment, honeypots maybe classified as:  1. Production honeypots  2. Research honeypots
  • 21. Production HPs: Protect the systems   Prevention  Keeping the bad guys out  not effective prevention mechanisms.  Deception, Deterence , Decoys do NOT work against automated attacks: worms, auto-rooters, mass-rooters  Detection  Detecting the burglar when he breaks in.  Great work  Response  Can easily be pulled offline  Little to no data pollution
  • 22. Research HPs: gathering information   Collect compact amounts of high value information  Discover new Tools and Tactics  Understand Motives, Behavior, and Organization  Develop Analysis and Forensic Skills  Not add direct value to a specific organization  HONEYNET
  • 23. Honeyd: A virtual honeypot application, which allows us to create thousands of IP addresses with virtual machines and corresponding network services.
  • 24. What is a Honeynet   High-interaction honeypot designed to:  capture in-depth information  learn who would like to use your system without your permission for their own ends  Its an architecture, not a product or software.  Populate with live systems.  Can look like an actual production system
  • 27. ADVANTAGES   Provides security to the systems.  Data Value : Honeypots can give you the precise information you need in a quick and easy-to-understand format.  Resources : The honeypot only captures activities directed at itself, so the system is not overwhelmed by the traffic.  It can be a relatively cheap computer.  Simplicity : There are no fancy algorithms to develop, no signature databases to maintain, no rule bases to misconfigure.
  • 29. DISADVANTAGES   Narrow Field of View : They only see what activity is directed against them.  Fingerprinting : Fingerprinting is when an attacker can identify the true identity of a honeypot because it has certain expected characteristics or behaviors.  Risk : By risk, we mean that a honeypot, once attacked, can be used to attack, infiltrate, or harm other systems or organizations.
  • 30. CONCLUSION   Just the beginning for honeypots.  Honeypots are not a solution, they are a flexible tool with different applications to security.  Primary value in detection and information gathering.  Yet, honeypot technology is moving ahead rapidly, and, in a year or two, honeypots will be hard to ignore.
  • 31. REFERENCES   http://searchsecurity.techtarget.com/feature/Honeyp ot-technology-How-honeypots-work-in-the-enterprise  http://searchsecurity.techtarget.com/definition/honey -pot  http://www.euractiv.com/specialreportcybersecurity/europe-needs-honeypots-trap-cybenews-518279  http://www.technologyreview.com/news/514216/ho neypots-lure-industrial-hackers-into-the-open/  http://www.tomshardware.com/news/microsoftpatent-honeypot-security-network,15659.html
  • 32. References   http://my.safaribooksonline.com/book/networking/sec urity/0321108957/the-value-of-honeypots/ch04lev1sec2  http://www.123seminarsonly.com/SeminarReports/012/53599210-Honey-Pots.pdf  http://searchsecurity.techtarget.com/feature/Honeypottechnology-How-honeypots-work-in-the-enterprise  http://ezinearticles.com/?Malicious-Code-and-ItsOrigins&id=4500377