Honeypots and Honeynets

Category: Ethical Hacking and Cyber Security & Approved by adwivedi008@gmail.com On December-17-2020 20:05:58

Disclaimer and Note

This course is Entirely for EDUCATIONAL PURPOSE only and TO MAKE PEOPLE AWARE about the various ATTACKS and PREVENT YOURSELF and YOUR FAMILY from such ATTACKS.

Under no circumstances will the course Instructor i.e. Aashish Dwivedi / TechGyan-Today Team or Interstellar Association will be held responsible or liable in any way for any claims, damages, losses, expenses, costs or liabilities whatsoever (including, without limitation, any direct or indirect damages for loss of profits, business interruption or loss of information) resulting or arising directly or indirectly from your use of or inability to use this website or any websites linked to it, or from your reliance on the information and material on this website, even if the Instructor has been advised of the possibility of such damages in advance.

Honeypots and Honeynets

People who like to watch monkeys go to the zoo, because there might be monkeys there. People who like to watch birds put out bird feeders, and the birds come to them. People who like to watch fish build aquariums, and bring the fish to themselves. But what do you do if you want to watch hackers? You put out a honeypot. Think about it this way – you're a bear. You may not know much (being a bear) but you do know that honey is tasty, and there is nothing better on a warm summer day than a big handful of honey. So you see a big pot full of honey sitting out in the center of a clearing, and you're thinking, 'Yum!” But once you stick your paw in the honey pot, you risk getting stuck. If nothing else, you're going to leave big, sticky paw prints everywhere, and everyone is going to know that someone has been in the honey, and there's a good chance that anyone who follows the big, sticky paw prints is going to discover that it's you. More than one bear has been trapped because of his affection for tasty honey. A honeypot is a computer system, network, or virtual machine that serves no other purpose than to lure in hackers. In a honeypot, there are no authorized users – no real data is stored in the system, no real work is performed on it – so, every access, every attempt to use it, can be identified as unauthorized. Instead of sifting through logs to identify intrusions, the system administrator knows that every access is an intrusion, so a large part of the work is already done

Types of Honeypots
There are two types of honeypots: production and research. Production honeypots are used primarily as warning systems. A production honeypot identifies an intrusion and generates an alarm. They can show you that an intruder has identified the system or network as an object of interest, but not much else. For example, if you wanted to know if bears lived near your clearing, you might set out ten tiny pots of honey. If you checked them in the morning and found one or more of them empty, then you would know that bears had been in the vicinity, but you wouldn't know anything else about the bears. Research honeypots are used to collect information about hacker's activities. A research honeypot lures in hackers, then keeps them occupied while it quietly records their actions. For example, if – instead of simply documenting their presence – you wanted to study the bears, then you might set out one big, tasty, sticky pot of honey in the middle of your clearing, but then you would surround that pot with movie cameras, still cameras, tape recorders and research assistants with clipboards and pith helmets. The two types of honeypots differ primarily in their complexity. You can more easily set up and maintain a production honeypot because of its simplicity and the limited amount of information that you hope to collect. In a production honeypot, you just want to know that you've been hit; you don't care so much whether the hackers stay around, However, in a research honeypot, you want the hackers to stay, so that you can see what they are doing. This makes setting up and maintaining a research honeypot more difficult, because you must make the system look like a real, working system that offers files or services that the hackers find interesting. A bear who knows what a honeypot looks like, might spend a minute looking at an empty pot, but only a full pot full of tasty honey is going to keep the bear hanging around long enough for you to study it.


Share your thoughts about this post
web counter