HONEYNET TECHNOLOGIES By Kritika Saini (02113702016) and Mostakim Mullick (02213702016)


Introduction

• About Honey Pot

• About Honey Net

• About Honey Net Project

https://www.youtube.com/watch?v=hzTg4zPBtDU


About Honey Pot

• It is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems.

• It consists of data that appears to be a legitimate part of the site but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, which are then blocked.


Types of Honey Pots

Honey pots are classified into two categories:

• On the basis of use or action: (i) Production Honeypots (ii) Research Honeypots

• On the basis of design: (i) Pure Honeypots (ii) High-Interaction Honeypots (iii) Low-Interaction Honeypots


On the basis of use or action:

Production Honeypots

• These are easy to use, capture only limited information, and are used primarily by companies or corporations.

• These are placed inside the production network with other production servers by an organization to improve their overall state of security.

Research Honeypots

• These are run to gather information about the motives and tactics of the Black hat community targeting different networks.

• These honeypots do not add direct value to a specific organization; instead, they are used to research the threats that organizations face and to learn how to better protect against those threats.


On the basis of design:

Pure Honey Pots

• These are full-fledged production systems.

• The activities of the attacker are monitored by using a casual tap that has been installed on the honeypot's link to the network.

• No other software needs to be installed.

High-Interaction Honey Pots

• They imitate the activities of the production systems that host a variety of services and, therefore, an attacker may be allowed a lot of services to waste his time. 

• They provide more security by being difficult to detect, but they are expensive to maintain.

• Example: Honey Net

Low-Interaction Honey Pots

• It simulates only the services frequently requested by attackers.

• Since they consume relatively few resources, multiple virtual machines can easily be hosted on one physical system, the virtual systems have a short response time, and less code is required, reducing the complexity of the virtual system's security.

• Example: Honeyd


About Honey Net

• The concept of the honey net first began in 1999 when Lance Spitzner, founder of the Honey net Project, published the paper "To Build a Honeypot".

• A honey net is a network of high interaction honeypots that simulates a production network and is configured such that all activity is monitored, recorded and, to a degree, discreetly regulated.

• A honey net is used for monitoring a larger or more diverse network in which one honeypot may not be sufficient.


Generations of Honey Net

• Generation I:
  • Simple Methodology, Limited Capability
  • Highly effective at detecting automated attacks
  • Use Reverse Firewall for Data Control
  • Can be fingerprinted by a skilled hacker
  • Runs at OSI Layer 3

• Generation II:
  • More Complex to Deploy and Maintain
  • Examine Outbound Data and make determination to block, pass, or modify data
  • Runs at OSI Layer 2


How Honey Net works?

• A highly controlled network where every packet entering or leaving is monitored, captured, and analyzed.

• Should satisfy two critical requirements:
  • Data Control: defines how activity is contained within the honey net, without an attacker knowing it
  • Data Capture: logging all of the attacker’s activity without the attacker knowing it

• Data control has priority over data capture
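
The data control and data capture requirements above, together with the Generation I reverse firewall, shown as an added Python example (not code from the slides or from the Honeynet Project): a gateway that caps outbound connections per honeypot and logs every connection it sees. The address prefix, the limit of 3 outbound connections per hour, and the fail-closed reading of "data control has priority over data capture" are assumptions.

```python
from collections import defaultdict, deque

HONEYNET = "10.0.0."   # constructed honeynet prefix (assumption)

class Gateway:
    """Honeynet gateway model: reverse firewall (data control) plus a packet log (data capture)."""

    def __init__(self, limit=3, window=3600, sink=None):
        self.limit, self.window = limit, window      # assumed policy: 3 outbound per hour
        self.recent = defaultdict(deque)             # honeypot IP -> times of allowed outbound
        self.captured = []                           # data capture store
        self.sink = sink or self.captured.append     # where records are written

    def handle(self, ts, src, dst):
        """Decide 'pass' or 'block' for one new connection at time ts (seconds)."""
        outbound = src.startswith(HONEYNET) and not dst.startswith(HONEYNET)
        verdict = "pass"                             # inbound is let in so it can be observed
        if outbound:                                 # data control applies to what leaves
            seen = self.recent[src]
            while seen and ts - seen[0] >= self.window:
                seen.popleft()                       # forget connections outside the window
            if len(seen) >= self.limit:
                verdict = "block"
            else:
                seen.append(ts)
        try:
            self.sink((ts, src, dst, verdict))       # data capture: blocked traffic is logged too
        except OSError:
            if outbound:
                verdict = "block"                    # capture failed: control wins, fail closed
        return verdict

# Constructed sample traffic: (time, source, destination)
EVENTS = [
    (0, "203.0.113.9", "10.0.0.5"),      # attacker reaches the honeypot
    (10, "10.0.0.5", "198.51.100.1"),    # honeypot starts connecting out
    (20, "10.0.0.5", "198.51.100.2"),
    (30, "10.0.0.5", "198.51.100.3"),
    (40, "10.0.0.5", "198.51.100.4"),    # fourth outbound inside the window
    (3700, "10.0.0.5", "198.51.100.5"),  # earlier connections have aged out
]

def run(events, **policy):
    gw = Gateway(**policy)
    return [gw.handle(*e) for e in events], gw

if __name__ == "__main__":
    print(run(EVENTS)[0])
```

Passing a `sink` that raises `OSError` shows the priority rule: inbound traffic still passes, but every outbound connection is blocked because it cannot be recorded.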


Anti-spam configuration.


About Honey Net Project

• It is an international security research organization, "dedicated to investigating the latest attacks, developing open source security tools to improve Internet security and learning how malicious hackers behave."

• The Project volunteers have contributed to the fight against malware, discovered new attacks and created security tools used by businesses and government agencies.


History

• The Honey net Project began in 1999 as a small mailing list of a group of people.

• Over time, the group expanded and officially dubbed itself the Honey net Project in June 2000.

• Today, it includes dozens of active chapters around the world, including Brazil, Indonesia, Greece, India, Mexico, Iran, Australia, Ireland, and many in the United States.

• This gives the project a more global approach to gathering its research and raising the awareness of information security.


The Project’s Goals

The Honey net Project focuses on three primary goals:

• The first is to raise awareness of the existing threats on the Internet.

• The second goal is to conduct research covering data analysis approaches, unique security tool development and gathering data about attackers and malicious software they use.

• The third goal is to provide the tools and techniques used by the Honey net Project so that other organizations can benefit.


Disadvantages.

• Can be used by attacker to attack other systems.

• Only monitors interactions made directly with the honeypots.

• Can potentially be detected by attackers.


Glastopf is a Python web application honeypot founded by Lukas Rist.


Glaspot is the third version of the web application honeypot Glastopf and it comes with some very powerful new features:

• A built-in PHP sandbox for code injection emulation, allowing us to bring vulnerability emulation to a new level.

• Hooked up to the HPFeeds generic data feed system for centralized data collection and tight integration into our sandbox and web server botnet monitoring system.

• Modular implementation: Turn your web application into a honeypot with a few easy steps.

• Runs in its own lightweight Python server or as a WSGI module in common web server environments.

• Automated attack surface generation and expansion.


During the month of June the following information was obtained from Glastopf installations worldwide.

Geographical spread.

  
