Emil Tan
Team Lead, Co-Founder
http://edgis-security.org
@EdgisSecurity
Research Guide
http://honeynet.sg
Introduction to Honeypots
The Honeynet Project.
The Honeynet Project is a leading international 501c3 non-profit security research organisation, dedicated to investigating the latest attacks and developing open source security tools to improve Internet security.
Founded in 1999, The Honeynet Project has contributed to the fight against malware and malicious hacking attacks and has leading security professionals among its members and alumni.
• Website: http://www.honeynet.org/ http://www.honeynet.sg
Agenda.
• What is a honeypot.
• What types of honeypot are there.
• Introduction to honeypot tools.
• How to deploy them.
  ◦ Deployment considerations.
  ◦ Operational considerations.
  ◦ Governance considerations.
  ◦ Legal considerations.
What is a honeypot.
• An information system resource which has no production value.
• Its value lies in unauthorised or illicit use of that resource.
• Its value lies in being probed, attacked, or compromised.
-- Spitzner
• Intelligence gathering
• Analyse trends / behaviours; Know your enemy.
• Decoy / Bait
Types of honeypot.
• High interaction:
  ◦ An actual machine.
  ◦ Rich content; Fully emulated shells; Fully replicated services.
• Low interaction:
  ◦ A program.
  ◦ Emulates specific services; limited interactivity.
• Honeytoken
• Hybrid
Honeypot tools.
• High interaction:
  ◦ De facto security tools (NIDS, HIDS, etc.)
  ◦ In-depth Data Capture tools (Sebek, Qebek, Capture-HPC).
  ◦ Egress Traffic Control (Snort Inline, iptables)
  ◦ Perimeter – Honeywall (Roo)
  ◦ Web Application – Glastopf
  ◦ SSL Proxy & Traffic Analyser – HoneyProxy
  ◦ USB Malware – Ghost USB
• Low interaction:
  ◦ De facto low interaction – Honeyd
  ◦ Common ports – Tiny Honeypot
  ◦ Malware – Dionaea (… Honeytrap?)
  ◦ Web Application – Glastopf
  ◦ USB Malware – Ghost USB
  ◦ SSH – Kippo, Kojoney
  ◦ Blacklisting – Honeyports
Kojoney.
• Low interaction SSH honeypot.
• Emulates the SSH service.
Kojoney Logs.
Kojoney Reports.
Tiny Honeypot.
• Written by George Bakos
• Alpinista.org
• Low interaction honeypot.
• Based on iptables and an xinetd listener.
• Emulates well-known services:
  ◦ HTTP
  ◦ FTP
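As an added illustration (not code from the slides or from Tiny Honeypot itself), a low-interaction honeypot can be one short program that emulates a single well-known service, here FTP, with canned replies and records everything the client sends. It uses plain Python sockets rather than xinetd and iptables; the banner, replies, port 2121 and the `handle`/`serve` names are assumptions of this example.

```python
import json
import socket
import threading
from datetime import datetime, timezone

# Constructed banner and replies (assumptions of this example, not a real server's).
BANNER = b"220 FTP server ready.\r\n"
REPLIES = {b"USER": b"331 Password required.\r\n",
           b"PASS": b"530 Login incorrect.\r\n",   # nobody ever logs in
           b"QUIT": b"221 Goodbye.\r\n"}
MAX_LINES, MAX_LINE_LEN, TIMEOUT = 20, 512, 10.0   # caps keep one client from tying us up


def handle(conn, peer, record):
    """Serve one client with canned replies; pass every received line to record()."""
    conn.settimeout(TIMEOUT)
    with conn, conn.makefile("rb") as reader:
        try:
            conn.sendall(BANNER)
            for _ in range(MAX_LINES):
                line = reader.readline(MAX_LINE_LEN)
                if not line:                      # client closed the connection
                    break
                record({"time": datetime.now(timezone.utc).isoformat(),
                        "peer": peer,
                        "data": line.rstrip(b"\r\n").decode("latin-1")})
                words = line.split(None, 1)
                verb = words[0].upper() if words else b""
                conn.sendall(REPLIES.get(verb, b"500 Unknown command.\r\n"))
                if verb == b"QUIT":
                    break
        except OSError:                           # timeout or reset: keep what was logged
            pass


def serve(host="127.0.0.1", port=2121,
          record=lambda event: print(json.dumps(event), flush=True)):
    """Listen forever; a honeypot has no production use, so every line is logged."""
    with socket.create_server((host, port)) as srv:
        while True:
            conn, addr = srv.accept()
            threading.Thread(target=handle, args=(conn, addr[0], record),
                             daemon=True).start()
```

Calling `serve()` prints one JSON event per received line; the emulation never authenticates a client or touches the filesystem, which is what keeps its interactivity limited.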
Honeytrap.
• Written by Tillmann Werner.
• Low interaction malware collection honeypot.
• Dynamic reaction to incoming traffic:
  ◦ Pcap-based sniffer
  ◦ IP_Queue interface
Deployment & Considerations.
• More Considerations
• Roles and Responsibilities
Deployment Considerations
High or low interaction | What do you want from your honeypots?
Honeypot tools | What do you want from your honeypots?
Placed in internal or external networks | What do you want from your honeypots? Configuration of your honeypots.
Physical or virtual environment | Costs & Maintenance
Dynamics / Programmability | Nature of the dynamics
Level of vulnerability | What do you want from your honeypots?
Legal considerations
