Presentation is loading. Please wait.

Presentation is loading. Please wait.

Honeypots “The more you know about the enemy, the better you can protect about yourself” Rohan Rajeevan Srikanth Vanama Rakesh Akkera.

Published byHillary Neal Modified over 9 years ago

Similar presentations

Presentation on theme: "Honeypots “The more you know about the enemy, the better you can protect about yourself” Rohan Rajeevan Srikanth Vanama Rakesh Akkera."— Presentation transcript:

1 Honeypots “The more you know about the enemy, the better you can protect about yourself” Rohan Rajeevan Srikanth Vanama Rakesh Akkera

2 Honeypots Oops !!

3 Definition(s) A honeypot is a  a decoy computer system designed to look like a legitimate system  A resource whose value is being in attacked or compromised.  Honeypots do not fix anything. They provide additional, valuable information  An intruder will want to break into while, unknown to the intruder, they are being covertly observed.  Like a hidden surveillance camera

4 Necessity of honeypots For the following reasons, good data is needed about attacks:  Real threat data  Trend data

5 Statistical Examples ℘ At the end of year 2000, the life expectancy of a default installation of Red Hat 6.2 was less than 72 hrs ! ℘ One of the fastest recorded times a HoneyPot was compromised was 15 min. ℘ During an 11 month period (Apr 2000 – Mar 2001), there was a 100% increase in IDS alerts based on Snort. ℘ In the beginning of 2002, a home network was scanned on an average by three different systems a day.

6 History  1980s  US MILITARY traced cracker to Germany  Tracing consumed time  1 st honeypot born

7 Primary ways of usage Deceive Intimidate Reconnaissance.

8 How do HoneyPots work? Prevent Detect Response Monitor No connection

9 Deployment strategies

10 Classification of honeypots Based on  Purpose  level of involvement

11 Honeypots Based on purpose  Production  Research

12 Honeypots Based on the level of involvement  Low  Middle  High

13 Level of Interaction Operating system Fake Daemon Disk Other local resource Low Medium High

14 Placement

15 Locations Locations  In front of firewall (Internet)  DMZ  Behind the firewall (Intranet) Best location ?

16 Compatibility  Microsoft Windows  Unix Derivatives

17 Advantages  Small Data Sets  Minimal Resources  Simplicity  Discovery of new tactics  Cost Effective

18 Disadvantages  Limited Vision  Inappropriate Response for new attacks  Not a perfect solution  Skilled analyst required  Requires high level of effort

19 Products in the market  Symantec Decoy Server  LaBrea Tarpit  HoneyD

20 Future of honeypot technologies (Future on the good side…)  Honeytokens  Wireless honeypots  SPAM honeypots  Honeypot farms  Search-engine honeypots

21 Conclusion  Only a best thief can become a best cop  A tool, not a solution !  Design fool proof security systems.  Wide areas of Usage  Growth is unbounded

22 Thanks for your (long) patience and attention! Any Queries ?! Rohan Rajeevan -Srikanth Vanama -Rakesh Akkera

Download ppt "Honeypots “The more you know about the enemy, the better you can protect about yourself” Rohan Rajeevan Srikanth Vanama Rakesh Akkera."

Similar presentations

Honeynet Introduction Tang Chin Hooi APAN Secretariat.

Honeynet Introduction Tang Chin Hooi APAN Secretariat.
Loss-Sensitive Decision Rules for Intrusion Detection and Response Linda Zhao Statistics Department University of Pennsylvania Joint work with I. Lee,

Loss-Sensitive Decision Rules for Intrusion Detection and Response Linda Zhao Statistics Department University of Pennsylvania Joint work with I. Lee,
Uzair Masood 100111089 MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.

Uzair Masood MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.
HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.
Honeypot Group 1E Zahra Kamali (KAMZY001) Pratik Doshi (DOSPY001) Tapan Dave (DAVTH001)

Honeypot Group 1E Zahra Kamali (KAMZY001) Pratik Doshi (DOSPY001) Tapan Dave (DAVTH001)
ETHICAL HACKING.

ETHICAL HACKING.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
Honeypots Presented by Javier Garcia April 21, 2010.

Honeypots Presented by Javier Garcia April 21, 2010.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.

SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.
Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Similar presentations

Ads by Google