Honeypots and Honeynets
Alex Dietz

Purpose
• To discover methods used to breach a system
• To discover new root kits
• To learn what changes are made to a system and their effects
• To not be discovered
• To discourage an attack

Production honeypot vs Research honeypot
Traditionally a layer 2 bridging device that has no IP stack, meaning the device should be invisible to anyone interacting with the honeypots or honeynets.
Img: Kent State University
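A check for the property described above, as an added example that is not part of the original slides: it reads Linux `ip -j addr show` output and reports any layer 3 address on the bridge or its member ports, including auto-assigned IPv6 link-local addresses. The interface names (`br0`, `eth0` to `eth2`) and the sample JSON are constructed, and treating "no addresses configured" as the Linux stand-in for "no IP stack" is an assumption.

```python
import ipaddress
import json

# Constructed sample in the shape of `ip -j addr show` (iproute2 JSON output).
# br0 is the assumed bridge; eth0/eth1 are its ports; eth2 is a separate
# management interface that is allowed to have an address.
SAMPLE_IP_JSON = json.dumps([
    {"ifname": "lo", "addr_info": [{"family": "inet", "local": "127.0.0.1", "prefixlen": 8}]},
    {"ifname": "eth0", "master": "br0", "addr_info": []},
    {"ifname": "eth1", "master": "br0",
     "addr_info": [{"family": "inet6", "local": "fe80::5054:ff:fe12:3456", "prefixlen": 64}]},
    {"ifname": "br0", "addr_info": [{"family": "inet", "local": "192.0.2.10", "prefixlen": 24}]},
    {"ifname": "eth2", "addr_info": [{"family": "inet", "local": "198.51.100.5", "prefixlen": 24}]},
])


def bridge_l3_findings(ip_json, bridge):
    """Return (ifname, address, kind) for every layer 3 address held by
    the bridge itself or by an interface enslaved to it."""
    findings = []
    for link in json.loads(ip_json):
        name = link.get("ifname")
        if name != bridge and link.get("master") != bridge:
            continue  # not part of the bridge, out of scope for this check
        for info in link.get("addr_info", []):
            addr = ipaddress.ip_address(info["local"])
            # Link-local addresses are usually auto-assigned when the link
            # comes up, so they are easy to miss when only IPv4 was removed.
            kind = "link-local" if addr.is_link_local else "assigned"
            findings.append((name, f"{addr}/{info['prefixlen']}", kind))
    return findings


def bridge_is_invisible(ip_json, bridge):
    """True only when neither the bridge nor its ports hold any address."""
    return not bridge_l3_findings(ip_json, bridge)


if __name__ == "__main__":
    for ifname, address, kind in bridge_l3_findings(SAMPLE_IP_JSON, "br0"):
        print(f"{ifname}: {address} ({kind}) is reachable at layer 3")
```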
• The operator can be held accountable if the honeypot is compromised and used to launch additional attacks.
  - Varies state by state
• Can violate the Federal Wiretap Act
  - Under most situations they are exempt
  - Ex. Attacker sets up an IRC server and users connect without knowing the system has been compromised