Definition of Honeypots
Defined as: A trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.
|
|
Honeypots
|
|
Learning More About Attack Patterns With Honeypots
In this paper, we present a project that has established a world-wide distributed sensor system of honeypots. Within this system, each platform has the same configuration, thus allowing us to compare the collected data of each platform. And since all platforms send all logging data to a central database, this enables us to correlate all data and draw conclusions from it. Besides presenting the project, we show how the collected data can be used to learn more about attack patterns. In addition, we illustrate how we can learn more about root-causes of attacks, i.e., specific tools or techniques used by attackers.
Read the Article
|
Honeymonkeys: Chasing hackers with a bunch of monkeys
As part of their ongoing efforts to secure the use of the web for Windows-based systems Microsoft recently launched a new research initiative called Honeymonkeys. This talk will introduce the basic concepts and ideas behind this initiative and will present the speakers' latest research project to gain more knowledge about implementing client-based honeypots.
Watch the Video
|
Honeypots 101: Uses of Honeypots in IT Security
In this paper, we shall be dealing with the difficult area of defining and enumerating the uses of honeypots. Not an easy task particularly the fact that there are so many. In fact, in our previous papers, the ambiguity of what a honeypot stems from its myriad uses. But to start, we shall categorize the uses into 3 broad roles that we believe would encompass the uses of honeypots in IT security.
Read the Article
|
Honeynet Learning: Discovering IT Security
In this paper, we shall propose an approach to augment traditional learning methodologies in IT Security called Honeynet Learning. This approach uses the honeynets as tools and resources to augment learning in both students and instructors alike. This approach will incorporate the learning concepts that we feel is important to promote learning in IT Security namely discovery, feedback and "real world" experience. Aside from this, we shall be illustrating a proposed methodology built upon these concepts that can be applied in a typical IT Security course.
Read the Article
|
Building a PHP Honeypot
Recent years have seen a substantial rise in the number of attacks directed against web applications, such as SQL injection, cross-site scripting attacks (XSS) and other input validation problems such as remote file includes in some PHP applications, command injection in the XML-RPC library and in the awstats[Aws06] package. Partly this is because a great deal of application level code has been written, and some of it without much regard to security issues. Another factor is likely to be that firewall rule sets are gradually being tightened up in regard to other ports and services. Whatever the reasons, it would be desirable to study attacks and reconnaissance of vulnerable applications on web servers in the same way that honeyd and nepenthes have allowed us to study other exploits.
Read the Article
|
Fighting Internet Worms With Honeypots
This paper will evaluate the usefulness of using honeypots to fight Internet worms. The first part of the article will discuss some background information on worms and their ubiquity, then move on to discuss some of the interesting interactive functions of honeypots. Finally, we will study how a honeypot framework can be used to fight off Internet worms and even perform a counterattack, before we conclude with some future perspectives.
Read the Article
|
Definitions and Value of Honeypots
Honeypots are an exciting new technology with enormous potential for the security community. The concepts were first introduced by several icons in computer security, specifically Cliff Stoll in the book The Cuckoo's Egg", and Bill Cheswick's paper " An Evening with Berferd." Since then, honeypots have continued to evolve, developing into the powerful security tools they are today. The purpose of this paper is to explain exactly what honeypots are, their advantages and disadvatages, and their value to the security.
Read the Article
|
Dynamic Honeypots
For the past eight months we have been discussing what honeypots are, their value, their different types, and how they can be used and deployed. Today we will do something a little different. Instead of discussing what honeypots can do and how they work, we will take a look into the crystal ball and see what honeypots should do, how they could work. If I had a dream honeypot, this is what I would like to see in the future: the dynamic honeypot.
Read the Article
|
Fighting Spammers With Honeypots: Part 1
This paper will evaluate the usefulness of using honeypots to fight spammers. The first part of the article will explain some background information on spam. Then, we will try to understand how honeypots may detect, slow and stop such activities while promoting a clean Internet. Finally we will conclude with some future perspectives.
Read the Article
|
Fighting Spammers With Honeypots: Part 2
Most of the time, a spammer connecting to the open proxy server will try to send an initial email in order to check how the proxy is working. This moment can be crucial if you want to fool him properly.
Read the Article
|
|
|
Page: 1 2 3 4 5 6 7
Members currently browsing this category:
|
|
