Take a look at the key tools and techniques to detect honeypot targets.
- [Instructor] One of the techniques…that has been used for many years to detect intruders…at the perimeter and inside networks…is that of honeypots.…A honeypot is a target…which purports to be a legitimate system…but in fact is a lure put in place by a defender…to trap an intruder.…The objective may be to identify and prosecute…but more often, it's to monitor and understand…attacker techniques and eventually discourage them…from attacking the site.…Honeypots typically come as either low interaction honeypots…which present a service interface…but have little inside to maintain their pretense…as real systems.…
A high interaction honeypot, on the other hand,…provides a close to real system,…which tries to keep the attacker engaged…as long as possible.…A honeynet is a network of honeypots,…purporting to be a complete network environment…of real systems.…Once an attacker's source address is known,…they can be sinkholed, where their traffic…and any uploaded malware can be analyzed,…and the attackers are safely contained.…
Released
2/15/2017Note: Learning about ethical hacking for perimeter defenses is part of the Evading IDS, Firewalls, and Honeypots competency from the Certified Ethical Hacker (CEH) body of knowledge.
- Understanding firewalls
- Applying the basics of the Windows Firewall
- Using advanced features in the Windows Firewall
- Reviewing firewall logs
- Understanding Linux iptables
- Setting up an iptables firewall
- Managing rules with Firewall Builder
- Setting up a Cisco PIX firewall
- Creating a secure enclave
- Installing GNS3
- Understanding web application firewalls
- Protecting API services with the WSO2 gateway
- Running the Cowrie honeypot
- Detecting intrusions with Security Onion
Share this video
Embed this video
Video: Understanding honeypots