Your SlideShare is downloading. ×
0
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Srikanth
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Srikanth

362

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
362
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
15
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Honeypots
  • 2. Definition
    • Any security resource who’s value lies in being probed, attacked, or compromised
    How honeypots work
    • Simple concept
    • A resource that expects no data, so any traffic to or from it is most likely unauthorized activity
  • 3. Types
    • Production (Law Enforcment)
    • Research (Counter-Intelligence)
    • What is the value of honeypots?
    • One of the greatest areas of confusion concerning honeypot technologies.
    Value
  • 4. Advantages
    • Based on how honeypots conceptually work, they have several advantages.
      • Reduce False Positives and False Negatives
      • Data Value
      • Resources
      • Simplicity
  • 5. Disadvantages
    • Based on the concept of honeypots, they also have disadvantages:
      • Narrow Field of View
      • Risk
    Production
    • Prevention
    • Detection
    • Response
  • 6. Prevention
    • Keeping the burglar out of your house.
    • Honeypots, in general are not effective prevention mechanisms.
    • Deception, Deterence , Decoys, are phsychological weapons. They do NOT work against automated attacks:
      • worms
      • auto-rooters
      • mass-rooters
  • 7. Detection
    • Detecting the burglar when he breaks in.
    • Honeypots excel at this capability, due to their advantages.
  • 8. Response
    • Honeypots can be used to help respond to an incident.
      • Can easily be pulled offline (unlike production systems.
      • Little to no data pollution.
  • 9. Research Honeypots
    • Early Warning and Prediction
    • Discover new Tools and Tactics
    • Understand Motives, Behavior, and Organization
    • Develop Analysis and Forensic Skills
  • 10. Level of Interaction
    • Level of Interaction determines amount of functionality a honeypot provides.
    • The greater the interaction, the more you can learn.
    • The greater the interaction, the more complexity and risk.
  • 11. Low Interaction
    • Provide Emulated Services
    • No operating system for attacker to access.
    • Information limited to transactional information and attackers activities with emulated services.
  • 12. High Interaction
    • Provide Actual Operating Systems
    • Learn extensive amounts of information.
    • Extensive risk.
  • 13.
    • Thank you
    • for this opportunity

×