Honeypots: simple, cost-effective detection

Thursday, 1 May 2003, 12:21 AM EST

This is the fourth article in an ongoing series examining honeypots. In previous installments, we have covered two different honeypot solutions: Honeyd and Specter. Both honeypots are low-interaction production solutions; their purpose is to help protect organizations, as opposed to research honeypots, which are used to gather information. Production honeypots work by emulating a variety of services and operating systems. Honeyd, an OpenSource solution, is considered more powerful and flexible than Specter, but it is also more difficult to use. Specter, a commercially supported solution, is easier to use as it runs on Windows. In this paper we take a step back for a moment and discuss the value of honeypot technologies in general. Why would you want to deploy production honeypots in your organization? How can a honeypot help security professionals to do their job more effectively?

As you are about to find out, the answer is very simple: honeypots are a simple, cost-effective way to detect illicit, unauthorized activity. This article will examine the role of detection in the overall security strategy. It will then discuss some traditional detection approaches as well as some problems inherent in those approaches. It will then show how honeypots effectively overcome those problems, thereby strengthening the detection component of the security strategy.

[ Read more ]

Related items




Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //