Your SlideShare is downloading. ×
0
Honeypots
Definition <ul><li>Any security resource who’s value lies in being probed, attacked, or compromised </li></ul>How honeypot...
Types <ul><li>Production (Law Enforcment) </li></ul><ul><li>Research (Counter-Intelligence) </li></ul><ul><li>What is the ...
Advantages <ul><li>Based on how honeypots conceptually work, they have several advantages. </li></ul><ul><ul><li>Reduce Fa...
Disadvantages <ul><li>Based on the concept of honeypots, they also have disadvantages: </li></ul><ul><ul><li>Narrow Field ...
Prevention <ul><li>Keeping the burglar out of your house. </li></ul><ul><li>Honeypots, in general are not effective preven...
Detection <ul><li>Detecting the burglar when he breaks in. </li></ul><ul><li>Honeypots excel at this capability, due to th...
Response <ul><li>Honeypots can be used to help respond to an incident. </li></ul><ul><ul><li>Can easily be pulled offline ...
Research Honeypots <ul><li>Early Warning and Prediction </li></ul><ul><li>Discover new Tools and Tactics </li></ul><ul><li...
Level of Interaction <ul><li>Level of Interaction determines amount of functionality a honeypot provides. </li></ul><ul><l...
Low Interaction <ul><li>Provide Emulated Services </li></ul><ul><li>No operating system for attacker to access. </li></ul>...
High Interaction <ul><li>Provide Actual Operating Systems </li></ul><ul><li>Learn extensive amounts of information. </li><...
<ul><li>Thank  you  </li></ul><ul><li>for this opportunity </li></ul>
Upcoming SlideShare
Loading in...5
×

Srikanth

372

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
372
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
15
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Srikanth"

  1. 1. Honeypots
  2. 2. Definition <ul><li>Any security resource who’s value lies in being probed, attacked, or compromised </li></ul>How honeypots work <ul><li>Simple concept </li></ul><ul><li>A resource that expects no data, so any traffic to or from it is most likely unauthorized activity </li></ul>
  3. 3. Types <ul><li>Production (Law Enforcment) </li></ul><ul><li>Research (Counter-Intelligence) </li></ul><ul><li>What is the value of honeypots? </li></ul><ul><li>One of the greatest areas of confusion concerning honeypot technologies. </li></ul>Value
  4. 4. Advantages <ul><li>Based on how honeypots conceptually work, they have several advantages. </li></ul><ul><ul><li>Reduce False Positives and False Negatives </li></ul></ul><ul><ul><li>Data Value </li></ul></ul><ul><ul><li>Resources </li></ul></ul><ul><ul><li>Simplicity </li></ul></ul>
  5. 5. Disadvantages <ul><li>Based on the concept of honeypots, they also have disadvantages: </li></ul><ul><ul><li>Narrow Field of View </li></ul></ul><ul><ul><li>Risk </li></ul></ul>Production <ul><li>Prevention </li></ul><ul><li>Detection </li></ul><ul><li>Response </li></ul>
  6. 6. Prevention <ul><li>Keeping the burglar out of your house. </li></ul><ul><li>Honeypots, in general are not effective prevention mechanisms. </li></ul><ul><li>Deception, Deterence , Decoys, are phsychological weapons. They do NOT work against automated attacks: </li></ul><ul><ul><li>worms </li></ul></ul><ul><ul><li>auto-rooters </li></ul></ul><ul><ul><li>mass-rooters </li></ul></ul>
  7. 7. Detection <ul><li>Detecting the burglar when he breaks in. </li></ul><ul><li>Honeypots excel at this capability, due to their advantages. </li></ul>
  8. 8. Response <ul><li>Honeypots can be used to help respond to an incident. </li></ul><ul><ul><li>Can easily be pulled offline (unlike production systems. </li></ul></ul><ul><ul><li>Little to no data pollution. </li></ul></ul>
  9. 9. Research Honeypots <ul><li>Early Warning and Prediction </li></ul><ul><li>Discover new Tools and Tactics </li></ul><ul><li>Understand Motives, Behavior, and Organization </li></ul><ul><li>Develop Analysis and Forensic Skills </li></ul>
  10. 10. Level of Interaction <ul><li>Level of Interaction determines amount of functionality a honeypot provides. </li></ul><ul><li>The greater the interaction, the more you can learn. </li></ul><ul><li>The greater the interaction, the more complexity and risk. </li></ul>
  11. 11. Low Interaction <ul><li>Provide Emulated Services </li></ul><ul><li>No operating system for attacker to access. </li></ul><ul><li>Information limited to transactional information and attackers activities with emulated services. </li></ul>
  12. 12. High Interaction <ul><li>Provide Actual Operating Systems </li></ul><ul><li>Learn extensive amounts of information. </li></ul><ul><li>Extensive risk. </li></ul>
  13. 13. <ul><li>Thank you </li></ul><ul><li>for this opportunity </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×