Protecting A Network Using Honey Pots

network-hpotThese days it’s possible to feel completely confident about hacker attacks as long as you have the most effective security in place. But what is the most effective security? How do hackers work? How can you feel completely confident?

If you want to know, read on.

In order to attack someones network, you will need to know as much as you can about that network, so gathering as much information as possible is pretty much where they all start. The information can be technical or non-technical, for example, the partners of the target can be useful for them to know, the location of all office branches etc. This information can help hackers understand the possible technologies in place to stop them.

Technical information may contain IP addresses in use, services available, etc. More services running on servers means more entry points. More entry points make it easier to get access.

The more services running on servers means more points of entry for the hackers. For example, if you saw that server A only had port 21 open, but server B had 7 different ports open, then server B is the clear choice for entry because each open port is an entry point and you get full access if you can bypass the security to one port entry point, so the one with more options would be the clear choice.

Now what if I deployed SERVER-B just to grab your attention, distracting you from some meaningful server SERVER-A. I may install a (fake) server SERVER-B for hackers to attack so as to safe guard my production servers, as soon as they start I can now study attack patterns. Is it not a brilliant idea? That’s called the honey pot.

Basically, what a honey pot is is effectively a trap designed to detect, distract and generally counter attempts to hack into your servers. Usually its in the form of data or a network that appears to be part of your main system and to contain valuable data, but in fact its isolated and monitored.

A honeypot is valuable as a surveillance and early-warning tool. It can carry risks to a network, and must be handled with care. If they are not properly walled off, an attacker can use them to break into a system. Honeypots can be classified based on their deployment and based on their level of involvement. Based on the deployment, they can be classified as:

Production Honey Pots  and Research Honey Pots

Production Honey Pots: These Honey Pots are used mainly by the bigger companies and corporations in order to increase their overall security. They are easy to use, and only capture a small amount of information which would be useless to a hacker.

Research Honey Pots: These are run by volunteers or an educational organization to simply gather information about how hackers work, their motives and tactics in order to create better protection from them.

To learn about great ways to enhance your software security and train to become an expert in their uses, browse through the security training courses on where you’ll also find a great range of cisco training courses.

Tags: , , , , , , , , , ,

Category: Computer Networking

Comments (0)

Trackback URL | Comments RSS Feed

There are no comments yet. Why not be the first to speak your mind.

Leave a Reply

WP-SpamFree by Pole Position Marketing