SlideShare uma empresa Scribd logo

honeypotss.pptx

Transferir como PPTX, PDF
P
Poooi2

Technology, honeypots

Tecnologia
1 de 26
HONEYPO TS 1
CONTENTS 2  Introduction  What are Honey pots?  Classification  Honeyd  Honeynet  Advantages of honeypot  Disadvantages of honeypot  Conclusion
INTRODUCTION 3 The internet is growing very fast.  New attacks every day The more you know about your enemy, the better you can protect yourself. The main goal of honeypot is to gather as much information as possible.
WHAT ARE HONEYPOTS? 4 Honeypot is an exciting new technology with enormous potential for the security community. According to Lance Spitzner, founder of honeypot project: “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.” Used for monitoring, detecting and analyzing attacks
CLASSIFICATION By level of interaction High Low By implementation Physical Virtual By purpose Production Research 5
High interaction Simulates all aspects of the OS: real systems. Can be compromised completely, higher risk. More Information Eg:-Honeynet Architecture of high interaction honeypots 6
Low interaction Simulates some aspects of the system Easy to deploy, minimal risk  Limited Information Eg:- Honeyd Architecture of low interaction honeypots 7
Physical Honeypots 8 Real machines Own IP Addresses Often high-interactive
Virtual Honeypots 9 Simulated by other machines that: • Respond to the network traffic sent to the honeypots • May simulate a lot of (different) virtual honeypots at the same time
Production Honeypots 10 Help to mitigate risk in your organizations 3 categories: 1.Prevention • Keeping the bad guys out • Mechanism such as encryption prevent attackers from accessing critical information.
Contd… 11 2. Detection • Detecting the attacker when he breaks in. • Challenges: False positive, False negative 3.Response • Can easily be pulled offline
Research Honeypots 12 Capture extensive information Used primarily by research, military, government organization. Used: • To capture automated threats, such autorooters • To capture unknown tools or techniques • To better understand attackers motives
HONEYD 13 Open source software released under GNU General Public License. Able to simulate big network on a single host.  Provides simple functionality.
A Honeyd config file 14 create windows set windows personality "Windows NT 4.0 Server SP5-SP6" set windows default tcp action reset set windows default udp action reset add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows uptime 3284460 bind 192.168.1.201 windows
How Honeyd Works? 15
Overview of honeyd architecture Routing Personality engine Packet dispatcher ICMP TCP UDP Services Routing Configuration Personality Network Lookup • Packet dispatcher • Configuration database • Protocol handlers • Router • Personality engine 16
HONEYNET 17 High interaction honeypots Two or more honeypots on a network form a honeynet. It is basically an architecture, an entire network of computers designed to be attacked.  The key to the honeynet architecture is “Honey wall”.
ARCHITECTURE OF HONEYNET 18
Gen 1 19
Gen2 20
Advantages of Honeypots 21 Collect small data sets of high value Reduced false positive Cost effective Simplicity Minimal resources
Disadvantages of Honeypots 22 Limited view Risk Finger Printing
CONCLUSION 23 Effective tool for observing hacker movements as well as preparing the system for future attacks. Flexible tool with different applications to security  Primary value in detection and information gathering.
REFERENCES 24 • R. R. Patel and C. S. Thaker, “Zero-day attack signatures detection using honey-pot,” International Conference on Computer Communication and Networks CSI-COMNET- 2011, vol. 1, no. 1, pp. 4–27, 2011. • Lance Spitzner. To build a honeypot. http://www.spitzner.net/honeypot.html. • http://www.tracking-hackers.com/papers/honeypots.html • The Honeynet Project, “Know Your Enemy: Statistics,” available online:http://honeynet.org/papers/stats • http://www.honeynet.org • http://project.honeypot.org
QUESTIONS……. 25
THANKYOU 26

Recomendados

honeypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxhoneypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxPoooi2
 
honeypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfhoneypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfPoooi2
 
Honeypots
HoneypotsHoneypots
HoneypotsSARANYA S
 
Honeypots
HoneypotsHoneypots
HoneypotsSARANYA S
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876Momita Sharma
 
Design & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsDesign & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsIOSR Journals
 
Lecture 7
Lecture 7Lecture 7
Lecture 7Education
 
Honeypot2
Honeypot2Honeypot2
Honeypot2KirtiGoyal25
 

Recomendados

honeypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxhoneypots-140921060716-phpapp01 (1).pptx
honeypots-140921060716-phpapp01 (1).pptxPoooi2
 
honeypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfhoneypots-140921060716-phpapp01 (1).pdf
honeypots-140921060716-phpapp01 (1).pdfPoooi2
 
Honeypots
HoneypotsHoneypots
HoneypotsSARANYA S
 
Honeypots
HoneypotsHoneypots
HoneypotsSARANYA S
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876Momita Sharma
 
Design & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsDesign & Implementation of Honeyd to Simulate Virtual Honeypots
Design & Implementation of Honeyd to Simulate Virtual HoneypotsIOSR Journals
 
Lecture 7
Lecture 7Lecture 7
Lecture 7Education
 
Honeypot2
Honeypot2Honeypot2
Honeypot2KirtiGoyal25
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.pptDetSersi
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief OverviewSILPI ROSAN
 
E0312834
E0312834E0312834
E0312834iosrjournals
 
Honeypot
Honeypot Honeypot
Honeypot Sushan Sharma
 
Introduction to Honeypots
Introduction to HoneypotsIntroduction to Honeypots
Introduction to HoneypotsEmil Tan
 
Honey pot in cloud computing
Honey pot in cloud computingHoney pot in cloud computing
Honey pot in cloud computingأحلام انصارى
 
Honeypot ppt1
Honeypot ppt1Honeypot ppt1
Honeypot ppt1samrat saurabh
 
Honeypot Presentation - Using Honeyd
Honeypot Presentation - Using HoneydHoneypot Presentation - Using Honeyd
Honeypot Presentation - Using Honeydicanhasfay
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareNatraj G
 
Honeypot
HoneypotHoneypot
HoneypotShashwat Shriparv
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An OverviewIRJET Journal
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynetsRasool Irfan
 
Honeypot ss
Honeypot ssHoneypot ss
Honeypot ssKajal Mittal
 
Honey pots
Honey potsHoney pots
Honey potsAlok Singh
 
Honeypots
HoneypotsHoneypots
HoneypotsGaurav Gupta
 
Honeypot
HoneypotHoneypot
HoneypotSyeda Khadizatul maria
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Honeypots
HoneypotsHoneypots
HoneypotsJyoti Nagargoje
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deceptionmilad saber
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & HoneynetsMehdi Poustchi Amin
 
eddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptxeddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptxPoooi2
 
microgrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptxmicrogrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptxPoooi2
 

Mais conteúdo relacionado

Semelhante a honeypotss.pptx

honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.pptDetSersi
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief OverviewSILPI ROSAN
 
Introduction to Honeypots
Introduction to HoneypotsIntroduction to Honeypots
Introduction to HoneypotsEmil Tan
 
Honeypot Presentation - Using Honeyd
Honeypot Presentation - Using HoneydHoneypot Presentation - Using Honeyd
Honeypot Presentation - Using Honeydicanhasfay
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareNatraj G
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An OverviewIRJET Journal
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynetsRasool Irfan
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deceptionmilad saber
 

Semelhante a honeypotss.pptx (20)

honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.ppt
 
Honeypot-A Brief Overview
Honeypot-A Brief OverviewHoneypot-A Brief Overview
Honeypot-A Brief Overview
 
E0312834
E0312834E0312834
E0312834
 
Honeypot
Honeypot Honeypot
Honeypot
 
Introduction to Honeypots
Introduction to HoneypotsIntroduction to Honeypots
Introduction to Honeypots
 
Honey pot in cloud computing
Honey pot in cloud computingHoney pot in cloud computing
Honey pot in cloud computing
 
Honeypot ppt1
Honeypot ppt1Honeypot ppt1
Honeypot ppt1
 
Honeypot Presentation - Using Honeyd
Honeypot Presentation - Using HoneydHoneypot Presentation - Using Honeyd
Honeypot Presentation - Using Honeyd
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of Malware
 
Honeypot
HoneypotHoneypot
Honeypot
 
Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An Overview
 
Honeypots and honeynets
Honeypots and honeynetsHoneypots and honeynets
Honeypots and honeynets
 
Honeypot ss
Honeypot ssHoneypot ss
Honeypot ss
 
Honey pots
Honey potsHoney pots
Honey pots
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot
HoneypotHoneypot
Honeypot
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Honeypot and deception
Honeypot and deceptionHoneypot and deception
Honeypot and deception
 
All about Honeypots & Honeynets
All about Honeypots & HoneynetsAll about Honeypots & Honeynets
All about Honeypots & Honeynets
 

Mais de Poooi2

eddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptxeddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptxPoooi2
 
microgrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptxmicrogrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptxPoooi2
 
schneider-electric-storage.pptx
schneider-electric-storage.pptxschneider-electric-storage.pptx
schneider-electric-storage.pptxPoooi2
 
162579-builder-template-16x9.pptx
162579-builder-template-16x9.pptx162579-builder-template-16x9.pptx
162579-builder-template-16x9.pptxPoooi2
 
artificial intellegence.pptx
artificial intellegence.pptxartificial intellegence.pptx
artificial intellegence.pptxPoooi2
 
Night-Vision-Technology-ppt (1).pptx
Night-Vision-Technology-ppt (1).pptxNight-Vision-Technology-ppt (1).pptx
Night-Vision-Technology-ppt (1).pptxPoooi2
 
temperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxtemperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxPoooi2
 
technicalseminar-190411055638.pdf
technicalseminar-190411055638.pdftechnicalseminar-190411055638.pdf
technicalseminar-190411055638.pdfPoooi2
 
facerecognitiontechnology-131025121934-phpapp01.pdf
facerecognitiontechnology-131025121934-phpapp01.pdffacerecognitiontechnology-131025121934-phpapp01.pdf
facerecognitiontechnology-131025121934-phpapp01.pdfPoooi2
 
developementofmobileapplication-160412025313 (1).pptx
developementofmobileapplication-160412025313 (1).pptxdevelopementofmobileapplication-160412025313 (1).pptx
developementofmobileapplication-160412025313 (1).pptxPoooi2
 
temperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxtemperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxPoooi2
 
solartree-140521004426-phpapp01 (1).pptx
solartree-140521004426-phpapp01 (1).pptxsolartree-140521004426-phpapp01 (1).pptx
solartree-140521004426-phpapp01 (1).pptxPoooi2
 
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptx
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptxa36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptx
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptxPoooi2
 
honeypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxhoneypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxPoooi2
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.pptPoooi2
 

Mais de Poooi2 (15)

eddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptxeddycurrentbreaking-131015080857-phpapp01.pptx
eddycurrentbreaking-131015080857-phpapp01.pptx
 
microgrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptxmicrogrid-presentation-090825235628-phpapp02.pptx
microgrid-presentation-090825235628-phpapp02.pptx
 
schneider-electric-storage.pptx
schneider-electric-storage.pptxschneider-electric-storage.pptx
schneider-electric-storage.pptx
 
162579-builder-template-16x9.pptx
162579-builder-template-16x9.pptx162579-builder-template-16x9.pptx
162579-builder-template-16x9.pptx
 
artificial intellegence.pptx
artificial intellegence.pptxartificial intellegence.pptx
artificial intellegence.pptx
 
Night-Vision-Technology-ppt (1).pptx
Night-Vision-Technology-ppt (1).pptxNight-Vision-Technology-ppt (1).pptx
Night-Vision-Technology-ppt (1).pptx
 
temperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxtemperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptx
 
technicalseminar-190411055638.pdf
technicalseminar-190411055638.pdftechnicalseminar-190411055638.pdf
technicalseminar-190411055638.pdf
 
facerecognitiontechnology-131025121934-phpapp01.pdf
facerecognitiontechnology-131025121934-phpapp01.pdffacerecognitiontechnology-131025121934-phpapp01.pdf
facerecognitiontechnology-131025121934-phpapp01.pdf
 
developementofmobileapplication-160412025313 (1).pptx
developementofmobileapplication-160412025313 (1).pptxdevelopementofmobileapplication-160412025313 (1).pptx
developementofmobileapplication-160412025313 (1).pptx
 
temperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptxtemperresistante-190503164148 (1) (1).pptx
temperresistante-190503164148 (1) (1).pptx
 
solartree-140521004426-phpapp01 (1).pptx
solartree-140521004426-phpapp01 (1).pptxsolartree-140521004426-phpapp01 (1).pptx
solartree-140521004426-phpapp01 (1).pptx
 
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptx
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptxa36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptx
a36ba6f5-0090-444b-9a2c-19b38b65d5f5-150215005736-conversion-gate02.pptx
 
honeypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptxhoneypots-1409210990716-phpapp01 (2).pptx
honeypots-1409210990716-phpapp01 (2).pptx
 
honeypots.ppt
honeypots.ppthoneypots.ppt
honeypots.ppt
 

Último

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 

Último (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 

honeypotss.pptx

  • 2. CONTENTS 2  Introduction  What are Honey pots?  Classification  Honeyd  Honeynet  Advantages of honeypot  Disadvantages of honeypot  Conclusion
  • 3. INTRODUCTION 3 The internet is growing very fast.  New attacks every day The more you know about your enemy, the better you can protect yourself. The main goal of honeypot is to gather as much information as possible.
  • 4. WHAT ARE HONEYPOTS? 4 Honeypot is an exciting new technology with enormous potential for the security community. According to Lance Spitzner, founder of honeypot project: “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.” Used for monitoring, detecting and analyzing attacks
  • 5. CLASSIFICATION By level of interaction High Low By implementation Physical Virtual By purpose Production Research 5
  • 6. High interaction Simulates all aspects of the OS: real systems. Can be compromised completely, higher risk. More Information Eg:-Honeynet Architecture of high interaction honeypots 6
  • 7. Low interaction Simulates some aspects of the system Easy to deploy, minimal risk  Limited Information Eg:- Honeyd Architecture of low interaction honeypots 7
  • 8. Physical Honeypots 8 Real machines Own IP Addresses Often high-interactive
  • 9. Virtual Honeypots 9 Simulated by other machines that: • Respond to the network traffic sent to the honeypots • May simulate a lot of (different) virtual honeypots at the same time
  • 10. Production Honeypots 10 Help to mitigate risk in your organizations 3 categories: 1.Prevention • Keeping the bad guys out • Mechanism such as encryption prevent attackers from accessing critical information.
  • 11. Contd… 11 2. Detection • Detecting the attacker when he breaks in. • Challenges: False positive, False negative 3.Response • Can easily be pulled offline
  • 12. Research Honeypots 12 Capture extensive information Used primarily by research, military, government organization. Used: • To capture automated threats, such autorooters • To capture unknown tools or techniques • To better understand attackers motives
  • 13. HONEYD 13 Open source software released under GNU General Public License. Able to simulate big network on a single host.  Provides simple functionality.
  • 14. A Honeyd config file 14 create windows set windows personality "Windows NT 4.0 Server SP5-SP6" set windows default tcp action reset set windows default udp action reset add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows uptime 3284460 bind 192.168.1.201 windows
  • 16. Overview of honeyd architecture Routing Personality engine Packet dispatcher ICMP TCP UDP Services Routing Configuration Personality Network Lookup • Packet dispatcher • Configuration database • Protocol handlers • Router • Personality engine 16
  • 17. HONEYNET 17 High interaction honeypots Two or more honeypots on a network form a honeynet. It is basically an architecture, an entire network of computers designed to be attacked.  The key to the honeynet architecture is “Honey wall”.
  • 21. Advantages of Honeypots 21 Collect small data sets of high value Reduced false positive Cost effective Simplicity Minimal resources
  • 22. Disadvantages of Honeypots 22 Limited view Risk Finger Printing
  • 23. CONCLUSION 23 Effective tool for observing hacker movements as well as preparing the system for future attacks. Flexible tool with different applications to security  Primary value in detection and information gathering.
  • 24. REFERENCES 24 • R. R. Patel and C. S. Thaker, “Zero-day attack signatures detection using honey-pot,” International Conference on Computer Communication and Networks CSI-COMNET- 2011, vol. 1, no. 1, pp. 4–27, 2011. • Lance Spitzner. To build a honeypot. http://www.spitzner.net/honeypot.html. • http://www.tracking-hackers.com/papers/honeypots.html • The Honeynet Project, “Know Your Enemy: Statistics,” available online:http://honeynet.org/papers/stats • http://www.honeynet.org • http://project.honeypot.org