logging in or signing up honeypots kunalkr04 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 71 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: January 31, 2012 This Presentation is Public Favorites: 0 Presentation Description honeypot is technology to detect intrusion.it sets virtual machine and lures hacker to play with it. Comments Posting comment... Premium member Presentation Transcript HONEYPOTS: HONEYPOTS Akshay Tikekar, Kunal Kumar RCERT,Chandrapur.Contents: Contents Introduction How it works Types Advantages Disadvantages Conclusion BibliographyIntroduction: Introduction A honeypot is an intrusion detection technique used to study hacker movements and probing to help better system defenses against later attacks usually made up of a virtual machine that sits on a network or single client. “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource .”How honeypots work: How honeypots work Simple concept A resource that expects no data, so any traffic to or from it is most likely unauthorized activityNot limited to specific purpose: Not limited to specific purpose Honeypots do not solve a specific problem, instead they are a tool that contribute to your overall security architecture. Their value, and the problems they help solve, depend on how build, deploy, and you use them.Types: Types categorised based on level of interaction :- LOW-INTERACTION emulates services,applications,OSes low risk and easy to deploy/maintain but capture limited informaton example – Honeyd,KFsensor .Types: Types HIGH-INTERACTION real services,application,OSes capture extensive information but high risk and hard to maintain example – Honeynet,ManTrap.Honeypots: Honeypots BackOfficer Friendly http://www.nfr.com/products/bof/ SPECTER http://www.specter.com Honeyd http://www.citi.umich.edu/u/provos/honeyd/ ManTrap http://www.recourse.com Honeynets http://project.honeynet.org/papers/honeynet/ Low Interaction High InteractionBackOfficer Friendly: BackOfficer FriendlySpecter: SpecterManTrap: ManTrapWhere it is used ?: Detection Information Gathering Where it is used ?Detection: Detection Problem: Most detection technologies generate thousands of alerts a day, most of which are false positives. Which do you focus on, and how? Low-interaction honeypots are used primarily for detectionDetection: Detection Collect very small data sets of high value. Vastly reduce false positives (if not eliminating them). Catch new attacks (false negatives). Work in encrypted and IPv6 environments. Deployed primarily on internal networks.Information Gathering: Information Gathering Problem: Sometimes detection is not enough. High-interaction honeypots are uniquely qualified to capture extensive amounts of information.Information Gathering: Information Gathering An entire network of systems designed to be compromised. Deployed on both external and internal networks.Advantages: Advantages Based on how honeypots conceptually work, they have several advantages. Data Value Minimal Resources SimplicityDisadvantages: Disadvantages Based on the concept of honeypots, they also have disadvantages: Narrow Field of View Fingerprinting RiskConclusion: Conclusion Honeypots are not a solution, they are a flexible tool with different applications to security. they do not replace any current technology, but work with existing technologies.Bibliography: Bibliography Know Your Enemy www.honeynet.org/book/ Honeypots: Tracking Hackers www.tracking-hackers.com/book/PowerPoint Presentation: QUERIES??? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
honeypots kunalkr04 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 71 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: January 31, 2012 This Presentation is Public Favorites: 0 Presentation Description honeypot is technology to detect intrusion.it sets virtual machine and lures hacker to play with it. Comments Posting comment... Premium member Presentation Transcript HONEYPOTS: HONEYPOTS Akshay Tikekar, Kunal Kumar RCERT,Chandrapur.Contents: Contents Introduction How it works Types Advantages Disadvantages Conclusion BibliographyIntroduction: Introduction A honeypot is an intrusion detection technique used to study hacker movements and probing to help better system defenses against later attacks usually made up of a virtual machine that sits on a network or single client. “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource .”How honeypots work: How honeypots work Simple concept A resource that expects no data, so any traffic to or from it is most likely unauthorized activityNot limited to specific purpose: Not limited to specific purpose Honeypots do not solve a specific problem, instead they are a tool that contribute to your overall security architecture. Their value, and the problems they help solve, depend on how build, deploy, and you use them.Types: Types categorised based on level of interaction :- LOW-INTERACTION emulates services,applications,OSes low risk and easy to deploy/maintain but capture limited informaton example – Honeyd,KFsensor .Types: Types HIGH-INTERACTION real services,application,OSes capture extensive information but high risk and hard to maintain example – Honeynet,ManTrap.Honeypots: Honeypots BackOfficer Friendly http://www.nfr.com/products/bof/ SPECTER http://www.specter.com Honeyd http://www.citi.umich.edu/u/provos/honeyd/ ManTrap http://www.recourse.com Honeynets http://project.honeynet.org/papers/honeynet/ Low Interaction High InteractionBackOfficer Friendly: BackOfficer FriendlySpecter: SpecterManTrap: ManTrapWhere it is used ?: Detection Information Gathering Where it is used ?Detection: Detection Problem: Most detection technologies generate thousands of alerts a day, most of which are false positives. Which do you focus on, and how? Low-interaction honeypots are used primarily for detectionDetection: Detection Collect very small data sets of high value. Vastly reduce false positives (if not eliminating them). Catch new attacks (false negatives). Work in encrypted and IPv6 environments. Deployed primarily on internal networks.Information Gathering: Information Gathering Problem: Sometimes detection is not enough. High-interaction honeypots are uniquely qualified to capture extensive amounts of information.Information Gathering: Information Gathering An entire network of systems designed to be compromised. Deployed on both external and internal networks.Advantages: Advantages Based on how honeypots conceptually work, they have several advantages. Data Value Minimal Resources SimplicityDisadvantages: Disadvantages Based on the concept of honeypots, they also have disadvantages: Narrow Field of View Fingerprinting RiskConclusion: Conclusion Honeypots are not a solution, they are a flexible tool with different applications to security. they do not replace any current technology, but work with existing technologies.Bibliography: Bibliography Know Your Enemy www.honeynet.org/book/ Honeypots: Tracking Hackers www.tracking-hackers.com/book/PowerPoint Presentation: QUERIES???