    Ppt Presentation Transcript

    • Honeypots – the new era Security tools
      Presented by: ANANTH Kumar G, SWETHA B
    • What is Security?
      o Protect a system or a network from unauthorized access
      Security involves the following aspects:
      o Access
      o Data
      o Protocol
      o Information
      o Transactions
      Aadhrita'08
    • What is a Honeypot?
      “Honeypot can be defined as, an information system resource whose value lies in unauthorized or illicit use of that resource.”
    • Honeypots are not replacements for
      o Security Best Practices
      o Security Policies
      o Firewalls
      o IDS
    • Concept
    • Types of Honeypots
      o Low-interaction Honeypots
      o Medium-interaction Honeypots
      o High-interaction Honeypots
    • Comparison
      Level of Interaction | Installation and Configuration | Deployment and Maintenance | Information Gathering | Level of Risk
      LOW                  | Easy                           | Easy                       | Limited               | Low
      MEDIUM               | Considerable                   | Considerable               | Variable              | Medium
      HIGH                 | Extensive                      | Extensive                  | Extensive             | High
    • Value of Honeypots
      o Production Honeypot
        - Prevention
        - Detection
        - Response
      o Research Honeypot
        - Research
    • Advantages
      o Small Data Sets of High Value
      o Reduced False Positives
      o New Tools and Tactics
      o Information Collection
      o Minimal Resources
      o Simplicity
    • Drawbacks
      o Single Data Point
      o Fingerprinting
      o Risks
    • Honeypot Solutions
      o BackOfficer Friendly
      o Specter
      o Honeyd
      o ManTrap
      o Honeynets
    • BackOfficer Friendly
      o Low-interaction type
      o Runs on Windows or Unix
      o Designed as a response to Back Orifice
      o Pretends to be a Back Orifice server
      o Listens on the same port and emulates transactions
      o Logs the attacker's IP address and the operations he tries to perform
    • Specter
      o Low-interaction type
      o Runs on some versions of Windows
      o Emulates 7 services: 6 fixed and 1 customized trap
      o Can emulate 13 different operating systems at the application level
      o Captures the attacker's keystrokes
      o Fingerprinting is difficult
    • Honeyd
      o Low-interaction type
      o Runs on Unix
      o Emulates 17 services, but detects any TCP activity
      o Logs only transaction data: who attempted the connection and when
    • General honeyd deployment
    • ManTrap
      o High-interaction type
      o Runs on some versions of Solaris
      o Creates up to four OS cages on the same machine
      o Also detects attacks against closed ports
      o Used to test security solutions
    • Honeynets
      o High-interaction
      o Highly flexible
      o Provide information sharing among security researchers
      o Used to test new applications
      o Highly risky but well controlled and monitored
      o High maintenance
    • Practical Applications
      o Defense against automated attacks
      o Protection against human intruders
      o Surgical Detection Methods
      o Cyber-Forensics
    • Conclusion
      Rapid advancements in computer networking, communication and mobility have increased the need for reliable ways to find loopholes within a system. Honeypots serve production purposes by preventing, detecting, or responding to attacks. Honeypots can also be used for research, gathering information on threats so we can better understand and defend against them.
    • Thank you. Any queries?
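
The low-interaction behaviour described on the BackOfficer Friendly and Honeyd slides (listen on a port, log who attempted the connection and when) can be sketched as follows. This is an added example, not code from the presentation or from any of the tools it names; the function names, the port 2323 and the sample addresses are assumptions made for illustration.

```python
import json
import socket
from datetime import datetime, timezone

READ_TIMEOUT = 3.0   # seconds to wait for the client's first bytes
MAX_CAPTURE = 256    # cap on bytes kept per connection

def handle(conn, peer, local_port, log):
    """Record one connection attempt, then close without answering."""
    event = {
        "time": datetime.now(timezone.utc).isoformat(),
        "src_ip": peer[0],
        "src_port": peer[1],
        "dst_port": local_port,
        "first_bytes": "",
    }
    conn.settimeout(READ_TIMEOUT)
    try:
        # Keep whatever the client sends first; nothing is parsed or executed.
        event["first_bytes"] = conn.recv(MAX_CAPTURE).hex()
    except OSError:
        pass  # timeout or reset: the attempt itself is still logged
    finally:
        conn.close()
    log.append(event)
    return event

def serve(host, port, log, max_conns=None):
    """Accept connections on an otherwise unused port; any contact is suspect."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen()
        seen = 0
        while max_conns is None or seen < max_conns:
            conn, peer = srv.accept()
            print(json.dumps(handle(conn, peer, port, log)))
            seen += 1

if __name__ == "__main__":
    # Hypothetical deployment: loopback only, port 2323 chosen arbitrarily.
    serve("127.0.0.1", 2323, [])
```

Because no legitimate service lives on the port, every logged event is worth reviewing, which is the "small data sets of high value" and "reduced false positives" property listed under Advantages.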