ENHANCING NETWORK INTRUSION DETECTION SYSTEM WITH HONEYPOT
Technical Seminar Presentation
Technical Seminar 2004
Presented by: Rakesh Khatai, IT200118029
Under the guidance of: Mr. PRADEEP KUMAR JENA

INTRODUCTION
- A honeypot is a resource that helps directly in increasing a computer network's security
- An Intrusion Detection System (IDS) plays an important part in nearly every honeypot
Types: Production honeypots and Research honeypots

LEVEL OF INVOLVEMENT
- Low-involvement: a low-involvement honeypot typically provides only certain fake services. There is no real operating system on it that an attacker can operate on.
- High-involvement: a high-involvement honeypot has a real underlying operating system. This leads to a much higher risk, as the complexity increases rapidly.

HONEYNET
Honeynets are built to make honeypots more productive
Components:
- Firewall computer
- Intrusion detection computer
- Remote syslog computer
- Honeypot

[Figure: honeypot and honeynet deployments. Labels: Internet; Honeypot; Firewall or Bridge; Honeypot One, Two, Three; Virtual Honeynet with Virtual Honeypot One, Two, Three]

AVAILABLE HONEYPOTS
- Mantrap
- Deception Toolkit
- Specter
- BackOfficer Friendly
- Home-grown honeypots

INTRUSION DETECTION SYSTEM
- Network-based intrusion detection
- Host-based intrusion detection
- Signature-based intrusion detection
- Anomaly-based intrusion detection

Snort
Snort is a freely available intrusion detection system
- Sniffer Mode
- Logger Mode
- Intrusion Detection Mode

[Fig: Snort Overview. Labels: Snort configuration file; SIGNATURES; SNORT SENSOR; ALERTS (Text file, Syslog, Database); LOG (TCP Dump, Snort Log, Database)]

[Fig: network configuration of the honeypot and the production hosts. Labels: External Network; Hostile Host; Gateway (Snort + Redirection Module); Honeypot; Remote Log Server; Production Host; Internal Network. Addresses shown: Eth0- 10.11.1.1; Eth1- 172.16.0.1; Eth2- 172.16.0.2; 172.16.0.4; 172.16.0.25]
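
One way the gateway in the figure above could couple Snort to a redirection module, as an added example that is not part of the original slides: Snort "fast" alert lines are parsed, and a source that triggers a sufficiently severe alert against a production host has its later traffic to production hosts sent to the honeypot instead. The redirection policy, the Redirector class, the trusted-source allowlist and all addresses (documentation ranges) are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Snort "fast" alert line:
#   ts [**] [gid:sid:rev] msg [**] [Classification: ..] [Priority: n] {PROTO} src[:port] -> dst[:port]
FAST_ALERT = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*[^\]]*\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\d+(?:\.\d+){3})(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>\d+(?:\.\d+){3})(?::(?P<dport>\d+))?$"
)


@dataclass
class Alert:
    sid: int
    msg: str
    priority: int
    proto: str
    src: str
    dst: str
    dport: Optional[int]


def parse_fast_alert(line: str) -> Optional[Alert]:
    """Return the parsed alert, or None for anything that is not an alert line."""
    m = FAST_ALERT.match(line.strip())
    if m is None:
        return None
    dport = int(m["dport"]) if m["dport"] else None  # ICMP alerts carry no ports
    return Alert(int(m["sid"]), m["msg"], int(m["prio"]), m["proto"],
                 m["src"], m["dst"], dport)


@dataclass
class Redirector:
    """Hypothetical redirection module fed by Snort alerts (assumed policy)."""
    honeypot: str
    production: Set[str]
    trusted: Set[str] = field(default_factory=set)  # sources that are never redirected
    max_priority: int = 2                           # Snort priority 1 is the most severe
    flagged: Set[str] = field(default_factory=set)
    audit: List[str] = field(default_factory=list)  # records for the remote log server

    def ingest(self, line: str) -> Optional[Alert]:
        alert = parse_fast_alert(line)
        if alert is None:
            return None
        if alert.dst not in self.production:
            self.audit.append(f"ignore sid={alert.sid} dst={alert.dst} not production")
        elif alert.priority > self.max_priority:
            self.audit.append(f"ignore sid={alert.sid} src={alert.src} low severity")
        elif alert.src in self.trusted:
            # Source addresses can be forged; an allowlist keeps an alert from
            # cutting a known-good host off from production.
            self.audit.append(f"hold sid={alert.sid} src={alert.src} trusted source")
        else:
            self.flagged.add(alert.src)
            self.audit.append(f"redirect sid={alert.sid} src={alert.src} -> {self.honeypot}")
        return alert

    def next_hop(self, src: str, dst: str) -> str:
        """Destination the gateway should forward a packet to."""
        if src in self.flagged and dst in self.production:
            return self.honeypot
        return dst


# Constructed sample alerts (not captured traffic); the SIDs are made up.
SAMPLE_ALERTS = """\
04/12-10:15:01.123456  [**] [1:1000001:1] CONSTRUCTED web probe [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 198.51.100.7:40112 -> 192.0.2.10:80
04/12-10:15:02.000100  [**] [1:1000002:1] CONSTRUCTED ping sweep [**] [Classification: Misc activity] [Priority: 3] {ICMP} 198.51.100.9 -> 192.0.2.10
04/12-10:15:03.500000  [**] [1:1000003:1] CONSTRUCTED login failure [**] [Priority: 2] {TCP} 192.0.2.50:51515 -> 192.0.2.10:22
this line is not a Snort alert
"""


def build_demo() -> Redirector:
    r = Redirector(honeypot="192.0.2.200", production={"192.0.2.10"},
                   trusted={"192.0.2.50"})
    for line in SAMPLE_ALERTS.splitlines():
        r.ingest(line)
    return r


if __name__ == "__main__":
    demo = build_demo()
    print("\n".join(demo.audit))
    print("198.51.100.7 ->", demo.next_hop("198.51.100.7", "192.0.2.10"))
```
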

CONCLUSION
- A honeypot is a valuable resource, especially for collecting information about how attackers proceed and the tools they deploy
- Honeypots cannot be considered a standard product with a fixed place in every security-aware environment
