unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.
Unlike firewalls or Intrusion Detection Systems, honeypots do not
solve a specific problem. Instead, they are a highly flexible tool
that comes in many shapes and sizes. They can do everything from detecting
encrypted attacks in IPv6 networks to capturing the latest in on-line
credit card fraud. Its is this flexibility that gives honeypots their
true power. It is also this flexibility that can make them challenging
to define and understand.
Honeypots can be classified based on their deployment and based on their level of involvement.
- Production Honeypots
- Research Honeypots
Based on the design criteria, honeypots can be classified into three categories as
- Pure honeypots
- High interaction honeypots
- Low interaction honeypots
High-Interaction Honeypot:- High-interaction honeypots are different, they are usually complex solutions as they involve real operating systems and applications. Nothing is emulated, we give attackers the real thing. The advantages with such a solution are two fold. First, you can capture extensive amounts of information. By giving attackers real systems to interact with, you can learn the full extent of their behavior.
How Honeypots Work?
This fake vulnerability attracts any hacker towards it & he would try to compromise it. The Honeypot will itself stores the data regarding how hacker is trying to break it, what tools he might be using, his intentions, keystrokes and many such things.
Hope you like it. Suggestions are welcomed.
No comments:
Post a Comment
I hope you got some great ideas in this post! Please feel free to share additional ideas or query.