Tuesday, August 16, 2011

Understanding Honeypots - The Trap!!



First thing any hacker would do to compromise any network is gathering information passively and seeking vulnerable services as well as ports. And this is where Honeypots play a role of fake vulnerability in network.
Honeypots are fake theoretically, but not practically. They are real vulnerabilities in Network intentionally kept open & designed to gather information about the possible attack / attacker.



How Honeypots work?

This fake vulnerability attracts any hacker towards it & he would try to compromise it. The Honeypot will itself stores the data regarding how hacker is trying to break it, what tools he might be using, his intentions, keystrokes and many such things.

This information is useful to network security administrator in many ways. Generally the attack is not done in one shot. Hackers try some initial attacks. And based on its results he hacks into major network flaws after some days.

So Honeypots help security people to secure the networks from the information they have gathered from initial attack. They are called as honey pots only because they are made available in network of vulnerabilities like Honey Comb.


Are Honeypots Vulnerable itself?

Sure they are. There are lot of smart ass hackers – who if anyhow come to know that they are dealing with Honeypots, They can totally screw things up.

Because, they are actually dealing with the system file in the network. So they are already inside it without any breakdown. If they can compromise this fake vulnerability Honeypot i.e. that they can surely break in to the system in less time.

Vulnerability is a vulnerable after all & Honeypots too. But there are very rare chances for attacker to identify it & needs great experience. So, planting Honeypot into any network architecture would be a more secure scenario for any host or network.
Feel free to add your comments and suggestions.

DARKLORD!!

2 comments:

  1. nice work..keep posting

    ReplyDelete
  2. from where can wo download these honypot softwares?

    ReplyDelete