Honeypot is a software or computer that simulate a vulnerable system to attract attackers. This is a sweet for hackers or people who wants to play in the illegal side. This kind of “security systems”(from now SS) are used to know attack methods, possible systems failures or solutions to that failures. I mean SS because knowing different patterns, you can shield your infrastructure to prevent this type of attacks.

A honeypot is used to distract an attacker making a system more attractive. For example, is more appealing a computer called “server” than “computer”. Is more attractive a file called “passwords” than “images”. This are two examples of thousands.

A honeypot is then used to monitor the network. When an attacker is trying to crack your system, you have an opportunity to know more about the attacker.

For all of the above, a honeypot is a prevention and detection system.

Kind of honeypots:

Depending of function:

Production: Only capture information.

Research: Capture extensive information and used to research, military, or government organizations.

Depending of interaction with attacker:

Low interaction: Emulate services. Attacker think that is cracking a system but it is a software that is emulating this service.

High interaction: Attacker interact with it totally. All is real

At the beginning this honeypots were in most of the cases too expensive physical machines. At this time a honeypot can be a virtual machine in a virtual network with a virtual ip 🙂

I will test this kind of software to post comments in future.


Posted on 1 July 2010, in networking, security and tagged , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: