Understanding honeypots

- [Instructor] One of the techniques…that has been used for many years to detect intruders…at the perimeter and inside networks…is that of honeypots.…A honeypot is a target…which purports to be a legitimate system…but in fact is a lure put in place by a defender…to trap an intruder.…The objective may be to identify and prosecute…but more often, it's to monitor and understand…attacker techniques and eventually discourage them…from attacking the site.…Honeypots typically come as either low interaction honeypots…which present a service interface…but have little inside to maintain their pretense…as real systems.…

A high interaction honeypot, on the other hand,…provides a close to real system,…which tries to keep the attacker engaged…as long as possible.…A honeynet is a network of honeypots,…purporting to be a complete network environment…of real systems.…Once an attacker's source address is known,…they can be sinkholed, where their traffic…and any uploaded malware can be analyzed,…and the attackers are safely contained.…