Linux – Honey Pot

Directly quoted from Wikipedia;

In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.

Usually the Honeypot is a virtual server that ‘pretends’ to be a server with serious security holes. Just enough holes so that the hacker/cracker might find it interesting to dig in to. While getting there attention on this very bad secured server they will be distracted and spend there time on a useless job.

There are many opensource programs available to setup a Honeypot that you can use: Tiny Honeypot, Single-honeypot, KFSensor and many more. Honeyd is a good honeypot implementation to start with, it’s simple and cross-platform.

After the installation this software will save documentation of all attempts to log on, connect or crack the server. Honeyd also emulates any operating system at the network stack level, so if an intruder attempts to detect your operating system with a tool such as nmap, honeyd will deceive him and provide bogus information that you have created.


Geef een reactie

%d bloggers liken dit: