SlideShare a Scribd company logo

Honeypots

S
SARANYA S

PPt on honeypots

Engineering
1 of 26
Download to read offline
HONEYPOTS PRESENTED BY, SARANYA.S S7 CSE 1
CONTENTS  Introduction  What are Honey pots?  Classification  Honeyd  Honeynet  Advantages of honeypot  Disadvantages of honeypot  Conclusion 2
INTRODUCTION The internet is growing very fast.  New attacks every day The more you know about your enemy, the better you can protect yourself. The main goal of honeypot is to gather as much information as possible. 3
WHAT ARE HONEYPOTS? Honeypot is an exciting new technology with enormous potential for the security community. According to Lance Spitzner, founder of honeypot project: “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.” Used for monitoring, detecting and analyzing attacks 4
CLASSIFICATION By level of interaction High Low By level of interaction By implementation Physical Virtual By purpose Production Research 5
High interaction Simulates all aspects of the OS: real systems. Can be compromised completely, higher risk. More Information Eg:-Honeynet Architecture of high interaction honeypots 6
Low interaction Simulates some aspects of the system Easy to deploy, minimal risk  Limited Information Eg:- Honeyd 7 Architecture of low interaction honeypots
Physical Honeypots Real machines Own IP Addresses Often high-interactive 8
Virtual Honeypots Simulated by other machines that: • Respond to the network traffic sent to the honeypots • May simulate a lot of (different) virtual honeypots at the same time 9
Production Honeypots Help to mitigate risk in your organizations 3 categories: 1.Prevention • Keeping the bad guys out • Mechanism such as encryption prevent attackers from accessing critical information. 10
Contd… 2. Detection • Detecting the attacker when he breaks in. • Challenges: False positive, False negative 3.Response • Can easily be pulled offline 11
Research Honeypots Capture extensive information Used primarily by research, military, government organization. Used: • To capture automated threats, such autorooters • To capture unknown tools or techniques • To better understand attackers motives 12
HONEYD  Open source software released under GNU General Public License. Able to simulate big network on a single host.  Provides simple functionality. 13
A Honeyd config file create windows set windows personality "Windows NT 4.0 Server SP5-SP6" set windows default tcp action reset set windows default udp action reset add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows uptime 3284460 bind 192.168.1.201 windows 14
How HoneydWorks? 15
Overview of honeyd architecture 16 Routing Personality engine Packet dispatcher ICMP TCP UDP Services Routing Configuration Personality Network • Packet dispatcher Lookup • Configuration database • Protocol handlers • Router • Personality engine
HONEYNET High interaction honeypots Two or more honeypots on a network form a honeynet. It is basically an architecture, an entire network of computers designed to be attacked.  The key to the honeynet architecture is “Honey wall”. 17
ARCHITECTURE OF HONEYNET 18
Gen 1 19
Gen 2 20
Advantages of Honeypots Collect small data sets of high value Reduced false positive Cost effective Simplicity Minimal resources 21
Disadvantages of Honeypots Limited view Risk Finger Printing 22
CONCLUSION  Effective tool for observing hacker movements as well as preparing the system for future attacks. Flexible tool with different applications to security  Primary value in detection and information gathering. 23
REFERENCES • R. R. Patel and C. S. Thaker, “Zero-day attack signatures detection using honey-pot,” International Conference on Computer Communication and Networks CSI-COMNET- 2011, vol. 1, no. 1, pp. 4–27, 2011. • Lance Spitzner. To build a honeypot. http://www.spitzner.net/honeypot.html. • http://www.tracking-hackers.com/papers/honeypots.html • The Honeynet Project, “Know Your Enemy: Statistics,” available online:http://honeynet.org/papers/stats • http://www.honeynet.org • http://project.honeypot.org 24
QUESTIONS……. 25
THANKYOU 26

Recommended

Honeypot seminar report
Honeypot seminar reportHoneypot seminar report
Honeypot seminar reportInder NeGi
 
Honeypot Basics
Honeypot BasicsHoneypot Basics
Honeypot BasicsManoj kumawat
 
IP Spoofing
IP SpoofingIP Spoofing
IP SpoofingAkmal Hussain
 
Honeypot ppt1
Honeypot ppt1Honeypot ppt1
Honeypot ppt1samrat saurabh
 
Honeypots
HoneypotsHoneypots
HoneypotsGaurav Gupta
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
 
Honeypots
HoneypotsHoneypots
HoneypotsPresentaionslive.blogspot.com
 
Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Ravindra Singh Rathore
 

Recommended

Honeypot seminar report
Honeypot seminar reportHoneypot seminar report
Honeypot seminar reportInder NeGi
 
Honeypot Basics
Honeypot BasicsHoneypot Basics
Honeypot BasicsManoj kumawat
 
IP Spoofing
IP SpoofingIP Spoofing
IP SpoofingAkmal Hussain
 
Honeypot ppt1
Honeypot ppt1Honeypot ppt1
Honeypot ppt1samrat saurabh
 
Honeypots
HoneypotsHoneypots
HoneypotsGaurav Gupta
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
 
Honeypots
HoneypotsHoneypots
HoneypotsPresentaionslive.blogspot.com
 
Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Honeypots (Ravindra Singh Rathore)
Honeypots (Ravindra Singh Rathore)Ravindra Singh Rathore
 
Honey Pot
Honey PotHoney Pot
Honey Potiradarji
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
Honeypots
HoneypotsHoneypots
HoneypotsJ. Scott Christianson
 
Jini technology ppt
Jini technology pptJini technology ppt
Jini technology pptOECLIB Odisha Electronics Control Library
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics123seminarsonly
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its typesVishal Tandel
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 
I twin technology
I twin technologyI twin technology
I twin technologyChandra Mohan AD
 
Screenless Display PPT
Screenless Display PPTScreenless Display PPT
Screenless Display PPTVikas Kumar
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Nano computing
Nano computingNano computing
Nano computingmanpreetgrewal
 
IoT Security
IoT SecurityIoT Security
IoT SecurityNarudom Roongsiriwong, CISSP
 
Edge Computing.pptx
Edge Computing.pptxEdge Computing.pptx
Edge Computing.pptxPriyaMaurya52
 
Browser Security
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPSSantosh Khadsare
 
FOG COMPUTING
FOG COMPUTINGFOG COMPUTING
FOG COMPUTINGSaisharan Amaravadhi
 
Honeypots
HoneypotsHoneypots
HoneypotsJayant Gandhi
 
E ball technology
E ball technologyE ball technology
E ball technologyMOHAMMAD ASIF
 
An atm with an eye
An atm with an eyeAn atm with an eye
An atm with an eyeJohn Williams
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
Honeypot
Honeypot Honeypot
Honeypot Sushan Sharma
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & HoneynetsMehdi Poustchi Amin
 

More Related Content

What's hot

Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics123seminarsonly
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its typesVishal Tandel
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 
Screenless Display PPT
Screenless Display PPTScreenless Display PPT
Screenless Display PPTVikas Kumar
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 

What's hot (20)

Honey Pot
Honey PotHoney Pot
Honey Pot
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing ppt
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Jini technology ppt
Jini technology pptJini technology ppt
Jini technology ppt
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its types
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
I twin technology
I twin technologyI twin technology
I twin technology
 
Screenless Display PPT
Screenless Display PPTScreenless Display PPT
Screenless Display PPT
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Nano computing
Nano computingNano computing
Nano computing
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Edge Computing.pptx
Edge Computing.pptxEdge Computing.pptx
Edge Computing.pptx
 
Browser Security
Browser SecurityBrowser Security
Browser Security
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
FOG COMPUTING
FOG COMPUTINGFOG COMPUTING
FOG COMPUTING
 
Honeypots
HoneypotsHoneypots
Honeypots
 
E ball technology
E ball technologyE ball technology
E ball technology
 
An atm with an eye
An atm with an eyeAn atm with an eye
An atm with an eye
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 

Viewers also liked

Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynetSina Manavi
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief OverviewSILPI ROSAN
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876Momita Sharma
 
Honey po tppt
Honey po tpptHoney po tppt
Honey po tpptArya AR
 
Honeypot Social Profiling
Honeypot Social ProfilingHoneypot Social Profiling
Honeypot Social ProfilingBryan Conde
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Communityamiable_indian
 
Hybrid honeypots for network security
Hybrid honeypots for network securityHybrid honeypots for network security
Hybrid honeypots for network securitychella mani
 
Ruby On Rails
Ruby On RailsRuby On Rails
Ruby On Railsiradarji
 

Viewers also liked (19)

Honeypot
Honeypot Honeypot
Honeypot
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & Honeynets
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honey pots
Honey potsHoney pots
Honey pots
 
Honeypot ss
Honeypot ssHoneypot ss
Honeypot ss
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief Overview
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876
 
Lecture 7
Lecture 7Lecture 7
Lecture 7
 
Honey po tppt
Honey po tpptHoney po tppt
Honey po tppt
 
Honeypot Social Profiling
Honeypot Social ProfilingHoneypot Social Profiling
Honeypot Social Profiling
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Community
 
Virtual honeypot
Virtual honeypotVirtual honeypot
Virtual honeypot
 
Hybrid honeypots for network security
Hybrid honeypots for network securityHybrid honeypots for network security
Hybrid honeypots for network security
 
Honey pots
Honey potsHoney pots
Honey pots
 
Ruby On Rails
Ruby On RailsRuby On Rails
Ruby On Rails
 
Netcat
NetcatNetcat
Netcat
 

Similar to Honeypots

honeypotss.pptx
honeypotss.pptxhoneypotss.pptx
honeypotss.pptxPoooi2
 
honeypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxhoneypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxPoooi2
 
honeypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfhoneypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfPoooi2
 
honeypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxhoneypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxPoooi2
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynetsRasool Irfan
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.pptDetSersi
 
HONEYPOTS: Definition, working, advantages, disadvantages
HONEYPOTS: Definition, working, advantages, disadvantagesHONEYPOTS: Definition, working, advantages, disadvantages
HONEYPOTS: Definition, working, advantages, disadvantagesamit kumar
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An OverviewIRJET Journal
 
Tushar mandal.honeypot
Tushar mandal.honeypotTushar mandal.honeypot
Tushar mandal.honeypottushar mandal
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareNatraj G
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network SecurityKirubaburi R
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deceptionmilad saber
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleGregory Hanis
 

Similar to Honeypots (20)

honeypotss.pptx
honeypotss.pptxhoneypotss.pptx
honeypotss.pptx
 
honeypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxhoneypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptx
 
honeypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfhoneypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdf
 
honeypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxhoneypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptx
 
Honeypot2
Honeypot2Honeypot2
Honeypot2
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynets
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.ppt
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot
HoneypotHoneypot
Honeypot
 
HONEYPOTS: Definition, working, advantages, disadvantages
HONEYPOTS: Definition, working, advantages, disadvantagesHONEYPOTS: Definition, working, advantages, disadvantages
HONEYPOTS: Definition, working, advantages, disadvantages
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An Overview
 
Tushar mandal.honeypot
Tushar mandal.honeypotTushar mandal.honeypot
Tushar mandal.honeypot
 
Honeypot Essentials
Honeypot EssentialsHoneypot Essentials
Honeypot Essentials
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of Malware
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network Security
 
M0704071074
M0704071074M0704071074
M0704071074
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deception
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
 

Recently uploaded

ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.ppt
ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.pptROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.ppt
ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.pptJohnWilliam111370
 
STATE TRANSITION DIAGRAM in psoc subject
STATE TRANSITION DIAGRAM in psoc subjectSTATE TRANSITION DIAGRAM in psoc subject
STATE TRANSITION DIAGRAM in psoc subjectGayathriM270621
 
Javier_Fernandez_CARS_workshop_presentation.pptx
Javier_Fernandez_CARS_workshop_presentation.pptxJavier_Fernandez_CARS_workshop_presentation.pptx
Javier_Fernandez_CARS_workshop_presentation.pptxJavier Fernández Muñoz
 
List of Accredited Concrete Batching Plant.pdf
List of Accredited Concrete Batching Plant.pdfList of Accredited Concrete Batching Plant.pdf
List of Accredited Concrete Batching Plant.pdfisabel213075
 
Python Programming for basic beginners.pptx
Python Programming for basic beginners.pptxPython Programming for basic beginners.pptx
Python Programming for basic beginners.pptxmohitesoham12
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdfHafizMudaserAhmad
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating SystemRashmi Bhat
 
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptx
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptxTriangulation survey (Basic Mine Surveying)_MI10412MI.pptx
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptxRomil Mishra
 
"Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ..."Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ...Erbil Polytechnic University
 
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxCurve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxRomil Mishra
 
Comprehensive energy systems.pdf Comprehensive energy systems.pdf
Comprehensive energy systems.pdf Comprehensive energy systems.pdfComprehensive energy systems.pdf Comprehensive energy systems.pdf
Comprehensive energy systems.pdf Comprehensive energy systems.pdfalene1
 
Artificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewArtificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewsandhya757531
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONjhunlian
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfDrew Moseley
 
Theory of Machine Notes / Lecture Material .pdf
Theory of Machine Notes / Lecture Material .pdfTheory of Machine Notes / Lecture Material .pdf
Theory of Machine Notes / Lecture Material .pdfShreyas Pandit
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfManish Kumar
 
Forming section troubleshooting checklist for improving wire life (1).ppt
Forming section troubleshooting checklist for improving wire life (1).pptForming section troubleshooting checklist for improving wire life (1).ppt
Forming section troubleshooting checklist for improving wire life (1).pptNoman khan
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communicationpanditadesh123
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosVictor Morales
 

Recently uploaded (20)

ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.ppt
ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.pptROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.ppt
ROBOETHICS-CCS345 ETHICS AND ARTIFICIAL INTELLIGENCE.ppt
 
STATE TRANSITION DIAGRAM in psoc subject
STATE TRANSITION DIAGRAM in psoc subjectSTATE TRANSITION DIAGRAM in psoc subject
STATE TRANSITION DIAGRAM in psoc subject
 
Javier_Fernandez_CARS_workshop_presentation.pptx
Javier_Fernandez_CARS_workshop_presentation.pptxJavier_Fernandez_CARS_workshop_presentation.pptx
Javier_Fernandez_CARS_workshop_presentation.pptx
 
List of Accredited Concrete Batching Plant.pdf
List of Accredited Concrete Batching Plant.pdfList of Accredited Concrete Batching Plant.pdf
List of Accredited Concrete Batching Plant.pdf
 
Python Programming for basic beginners.pptx
Python Programming for basic beginners.pptxPython Programming for basic beginners.pptx
Python Programming for basic beginners.pptx
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating System
 
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptx
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptxTriangulation survey (Basic Mine Surveying)_MI10412MI.pptx
Triangulation survey (Basic Mine Surveying)_MI10412MI.pptx
 
"Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ..."Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ...
 
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxCurve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
 
Comprehensive energy systems.pdf Comprehensive energy systems.pdf
Comprehensive energy systems.pdf Comprehensive energy systems.pdfComprehensive energy systems.pdf Comprehensive energy systems.pdf
Comprehensive energy systems.pdf Comprehensive energy systems.pdf
 
Artificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewArtificial Intelligence in Power System overview
Artificial Intelligence in Power System overview
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdf
 
Theory of Machine Notes / Lecture Material .pdf
Theory of Machine Notes / Lecture Material .pdfTheory of Machine Notes / Lecture Material .pdf
Theory of Machine Notes / Lecture Material .pdf
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
 
Forming section troubleshooting checklist for improving wire life (1).ppt
Forming section troubleshooting checklist for improving wire life (1).pptForming section troubleshooting checklist for improving wire life (1).ppt
Forming section troubleshooting checklist for improving wire life (1).ppt
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communication
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitos
 

Honeypots

  • 1. HONEYPOTS PRESENTED BY, SARANYA.S S7 CSE 1
  • 2. CONTENTS  Introduction  What are Honey pots?  Classification  Honeyd  Honeynet  Advantages of honeypot  Disadvantages of honeypot  Conclusion 2
  • 3. INTRODUCTION The internet is growing very fast.  New attacks every day The more you know about your enemy, the better you can protect yourself. The main goal of honeypot is to gather as much information as possible. 3
  • 4. WHAT ARE HONEYPOTS? Honeypot is an exciting new technology with enormous potential for the security community. According to Lance Spitzner, founder of honeypot project: “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.” Used for monitoring, detecting and analyzing attacks 4
  • 5. CLASSIFICATION By level of interaction High Low By level of interaction By implementation Physical Virtual By purpose Production Research 5
  • 6. High interaction Simulates all aspects of the OS: real systems. Can be compromised completely, higher risk. More Information Eg:-Honeynet Architecture of high interaction honeypots 6
  • 7. Low interaction Simulates some aspects of the system Easy to deploy, minimal risk  Limited Information Eg:- Honeyd 7 Architecture of low interaction honeypots
  • 8. Physical Honeypots Real machines Own IP Addresses Often high-interactive 8
  • 9. Virtual Honeypots Simulated by other machines that: • Respond to the network traffic sent to the honeypots • May simulate a lot of (different) virtual honeypots at the same time 9
  • 10. Production Honeypots Help to mitigate risk in your organizations 3 categories: 1.Prevention • Keeping the bad guys out • Mechanism such as encryption prevent attackers from accessing critical information. 10
  • 11. Contd… 2. Detection • Detecting the attacker when he breaks in. • Challenges: False positive, False negative 3.Response • Can easily be pulled offline 11
  • 12. Research Honeypots Capture extensive information Used primarily by research, military, government organization. Used: • To capture automated threats, such autorooters • To capture unknown tools or techniques • To better understand attackers motives 12
  • 13. HONEYD  Open source software released under GNU General Public License. Able to simulate big network on a single host.  Provides simple functionality. 13
  • 14. A Honeyd config file create windows set windows personality "Windows NT 4.0 Server SP5-SP6" set windows default tcp action reset set windows default udp action reset add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows uptime 3284460 bind 192.168.1.201 windows 14
  • 16. Overview of honeyd architecture 16 Routing Personality engine Packet dispatcher ICMP TCP UDP Services Routing Configuration Personality Network • Packet dispatcher Lookup • Configuration database • Protocol handlers • Router • Personality engine
  • 17. HONEYNET High interaction honeypots Two or more honeypots on a network form a honeynet. It is basically an architecture, an entire network of computers designed to be attacked.  The key to the honeynet architecture is “Honey wall”. 17
  • 21. Advantages of Honeypots Collect small data sets of high value Reduced false positive Cost effective Simplicity Minimal resources 21
  • 22. Disadvantages of Honeypots Limited view Risk Finger Printing 22
  • 23. CONCLUSION  Effective tool for observing hacker movements as well as preparing the system for future attacks. Flexible tool with different applications to security  Primary value in detection and information gathering. 23
  • 24. REFERENCES • R. R. Patel and C. S. Thaker, “Zero-day attack signatures detection using honey-pot,” International Conference on Computer Communication and Networks CSI-COMNET- 2011, vol. 1, no. 1, pp. 4–27, 2011. • Lance Spitzner. To build a honeypot. http://www.spitzner.net/honeypot.html. • http://www.tracking-hackers.com/papers/honeypots.html • The Honeynet Project, “Know Your Enemy: Statistics,” available online:http://honeynet.org/papers/stats • http://www.honeynet.org • http://project.honeypot.org 24