Honeypots
Honeypots are closely monitored network decoys serving several purposes: they can distract adversaries from more valuable machines on a network, they can provide early warning about new attack and exploitation trends and they allow in-depth examination of adversaries during and after exploitation of a honeypot.
Honeypots are a highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering. Honeypots all share the same concept: a security resource that should not have any production or authorized activity. In other words, deployment of honeypots in a network should not affect critical network services and applications. A honeypot is a security resource who's value lies in being probed, attacked, or compromised.
There are two general types of honeypots:
Honeypots are a highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering. Honeypots all share the same concept: a security resource that should not have any production or authorized activity. In other words, deployment of honeypots in a network should not affect critical network services and applications. A honeypot is a security resource who's value lies in being probed, attacked, or compromised.
There are two general types of honeypots:
- Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations;
- Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.
oleh [ supie ]
pada [ 9:55 PG ]
0 pandangan pembaca
