Honeypots Presented by Javier Garcia April 21, 2010.

Slides:

Advertisements

Similar presentations

Honeynet Introduction Tang Chin Hooi APAN Secretariat.

Advertisements

A NASSCOM ® Initiative Comprehensive Computer Security Software An advanced computer security software usually have one or more of the following utilities.

Uzair Masood MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

Honeypot Research Hung Nguyen Brendan Roberts Comp 4027 Forensic and Analytical Computing.

12-1 Last time Security in Networks Threats in Networks.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

5-Network Defenses Dr. John P. Abraham Professor UTPA.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Honeypots and Network Security Research by: Christopher MacLellan Project Mentor: Jim Ward EPSCoR and Honors Program.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Presented by Stanley Chand & Damien Prescod

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Dec, Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet safety By Lydia Snowden.

Introduction to Honeypot, Botnet, and Security Measurement

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

BotNet Detection Techniques By Shreyas Sali

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

HONEYPOT.  Introduction to Honeypot  Honeytoken  Types of Honeypots  Honeypot Implementation  Advantages and Disadvantages  Role of Honeypot in.

HoneyD (Part 2) Small Business NIDS This presentation demonstrates the ability for Small Businesses to emulate virtual operating systems and conduct.

Honeypots. Introduction A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.

Honeypot and Intrusion Detection System

A Virtual Honeypot Framework Author: Niels Provos Published in: CITI Report 03-1 Presenter: Tao Li.

Phishing Pharming Spam. Phishing: Definition  A method of identity theft carried out through the creation of a website that seems to represent a legitimate.

1Of 25. 2Of 25  Definition  Advantages & Disadvantages  Types  Level of interaction  Honeyd project: A Virtual honeypot framework  Honeynet project:

HONEYPOTS PRESENTATION TEAM: TEAM: Ankur Sharma Ashish Agrawal Elly Bornstein Santak Bhadra Srinivas Natarajan.

HONEYPOT By SIDDARTHA ELETI CLEMSON UNIVERSITY. Introduction Introduced in 1990/1991 by Clifford Stoll’s in his book “The Cuckoo’s Egg” and by Bill Cheswick’s.

Presented by Spiros Antonatos Distributed Computing Systems Lab Institute of Computer Science FORTH.

A VIRTUAL HONEYPOT FRAMEWORK Author : Niels Provos Publication: Usenix Security Symposium Presenter: Hiral Chhaya for CAP6103.

1 Commonwealth Security Information Resource Center Michael Watson Security Incident Management Director 10/17/2008

A Virtual Honeypot Framework Niels Provos Google, Inc. The 13th USENIX Security Symposium, August 9–13, 2004 San Diego, CA Presented by: Sean Mondesire.

Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.

Security with Honeyd By Ryan Olsen. What is Honeyd? ➲ Open source program design to create honeypot networks. ➲ What is a honeypot? ● Closely monitored.

Security Vulnerabilities in A Virtual Environment

Understand Network Isolation Part 2 LESSON 3.3_B Security Fundamentals.

C OMPUTER THREATS, ATTACKS AND ASSETS DONE BY NISHANT NARVEKAR TE COMP

Forensic Computing: Tools, Techniques and Investigations Assignment 1 Seminar.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

UNDER THE GUIDENCE OF: Mr.M.JAYANTHI RAO,M.Tech HOD OF IT. BY: I.ADITHYA(09511A1212) HONEYPOTS.

1 Web Technologies Website Publishing/Going Live! Copyright © Texas Education Agency, All rights reserved.

Chapter 14.  Upon completion of this chapter, you should be able to:  Identify different types of Intrusion Detection Systems and Prevention Systems.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.

E Safety & Security Tools 13 th March 2009 Martin Quinn - The Westfield Centre.

Lesson Objectives Aims You should be able to:

Honeypots at CESNET/MU

Network Attacks Dylan Small.

Forensics Week 11.

Honeypots and Honeynets

12/6/2018 Honeypot ICT Infrastructure Sashan

Friday, December 07, 2018 Honeypot ICT Infrastructure Sashan Kantonsspital Graubunden ICT Department.

Security Overview: Honeypots

Network hardening Chapter 14.

Cyber security and Computer Misuse

Honeypots Visit for more Learning Resources 1.

Introduction to Internet Worm

IP Addresses & Ports IP Addresses – identify a device on a network

Presentation transcript:

Honeypots Presented by Javier Garcia April 21, 2010

Outline Introduction Characteristics Approaches Types Word of Caution Examples

Introduction A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems

Characteristics Most often a computer No production value Any traffic or activity is considered malicious or unathorized Appealing to attackers ▫Dummy programs ▫Fake data

Approaches Keep intruders occupied or distracted ▫So they don’t go after important systems Gather information on intruders ▫Used to make important systems on the network less vulnerable

Types Production honeypots ▫Used by companies or corporations Research honeypots ▫Used by volunteer, non-profit research organizations

Types: Production Honeypots Capture limited information Placed inside the production network Low interaction and easier to deploy Give less information

Types: Research Honeypots Gathers information on motives and tactics of hacker community Research threats organizations face Information is used to protect against threats More complex than production honeypots Capture extensive information

Word of Caution Isolate the honeypot from your production systems ▫The attacker shouldn’t be able to use the honeypot as a launching point to attack your valuable systems Also monitor outgoing traffic ▫The attacker shouldn’t be able to launch an attack on other organizations from the honeypot or send spam Be careful when setting up monitoring of a honeypot ▫The attacker shouldn’t realize he or she is accessing a honeypot as opposed to a valuable system

Examples Project Honeypot ▫Used to identify spammers who harvest addresses from websites ▫Custom-tagged addresses are installed on websites  Contain time and IP address of visitor  If any is received, it is spam

Examples (continued) Honeyd - ▫Open source program ▫Allows user to set up and run multiple virtual hosts on a computer network ▫The virtual hosts can be configured to mimic different types of servers ▫There could appear to be many servers and the attacker would need to research to find out which are the real servers

References SANS Institute resources/idfaq/honeypot3.phphttp:// resources/idfaq/honeypot3.php Security in Computing pages Wikipedia, Honeypot (computing) uting) uting)

Questions?