Using Honey Pots To Improve Your Systems Security
Tuesday, August 11th, 2009You can feel confident against hacker-attacks if you have right security in place. So, what all do you to need to feel confident? What is the right kind of security? What security technologies are available? How you can defend against hacker attacks? How hackers work? Do you really know all?
Wanna know, then read on
First step to attack someones network is to gather information about that network, as much as you can. May it be technical or non-technical, for example where all branch offices are located? Who the target partners with? It can help you understand possible topology and technologies in place.
For the technical side of the information, they will need to know things like, IP addresses and the number of services running on how many servers etc.
The more services that are running on servers, the better chance a hacker has. E.g. if server-A only had port 110 open , but server-B had ports, 443, 143, 110, 80, 25 and 21 open, then server-B would be the obvious choice because there are more points of entry. If you can get past the security on one open port, then you get full access to the server, so the server with the most options for entry would be the one to go for.
But what if server B was just put there to catch your attention, distracting you from something valuable on the other server? You can install fakes servers with lots of open ports for hackers to attack to ensure the safety of your main valuable servers and as soon as they start attacking the decoy, you can analyse their attack plans and work to counter them. This is called the honey pot method.
A honey pot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, protected, and monitored, and which seems to contain information or a resource that would be of value to attackers.
However, honey pots can contain risks to your system as if their not set up properly and isolated completely, hacker can use them to gain access to your system. There are two main kinds of honey pot which you can tell the difference between by the situations they’re used in. The two types are:
1. Production Honeypots 2. Research Honeypots
Production Honey Pots: Easy to use, capture limited information, used mainly by corporations and companies.
Research Honey Pots Usually run by voluntary workers or institutions of IT education in order to collect more and more information about the tactics of modern hackers to develop better defence systems.