Deployment of Honeypot and Honeynet

How is a Honeypot Deployed?
Honeypots are classified as low interaction or high interaction. Low-interaction honeypots allow little access, so the underlying operating system stays safe. Many honeypot packages are open source and easy to deploy. They are easy to monitor and do not need rules or signatures to be configured on a regular basis.

Honeypot software is deployed alongside an IDS or firewalls. Some of the available software packages are:
  • KFSensor
  • Honeyd
  • Specter
  • BackOfficer Friendly
  • LaBrea Tarpit
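
The low-interaction idea described above, as an added Python sketch that is not taken from any of the listed products: a listener that offers only a greeting, refuses every login, and writes a record only when something connects. The banner text, the `ftp.example.test` host name, the loopback address and the `probe` client are constructed for the example.

```python
import json
import socket
import socketserver
import threading
import time

EVENTS = []  # every entry is unsolicited contact: nothing legitimate connects here
BANNER = b"220 ftp.example.test FTP server ready\r\n"  # constructed banner

class LowInteractionHandler(socketserver.BaseRequestHandler):
    """Emulates a greeting only; peer input is stored, never parsed or executed."""
    def handle(self):
        self.request.settimeout(5)
        try:
            self.request.sendall(BANNER)
            data = self.request.recv(1024)  # cap what is kept per contact
        except OSError:                     # timeout or reset: still record the contact
            data = b""
        EVENTS.append({
            "ts": time.time(),
            "src_ip": self.client_address[0], "src_port": self.client_address[1],
            "dst_port": self.server.server_address[1],
            "first_bytes": data.decode("latin-1"),
        })
        try:
            self.request.sendall(b"530 Login incorrect.\r\n")  # always refuse
        except OSError:
            pass

def start_honeypot(host="127.0.0.1", port=0):
    """Serve in a background thread; port 0 lets the OS pick a free port."""
    server = socketserver.ThreadingTCPServer((host, port), LowInteractionHandler)
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def probe(port, payload):
    """Constructed client standing in for an unsolicited connection."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        banner = s.recv(1024)
        s.sendall(payload)
        reply = s.recv(1024)
    return banner, reply

if __name__ == "__main__":
    srv = start_honeypot()
    probe(srv.server_address[1], b"USER admin\r\n")
    print(json.dumps(EVENTS, indent=2))
    srv.shutdown()
```

In a real deployment the listener would run on a separate, isolated system and write its events to storage the honeypot host cannot modify.
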
How is a Honeynet Deployed?
Honeynets are more complex systems: the honeypots sit on a separate network of their own within the honeynet. These systems need to be built and maintained like regular networks. The complex part is configuring the honeynet gateway. Another common setup is the virtual honeynet: a network of honeypots in which all the honeypots run on a single PC. Because they are virtual, this has advantages and disadvantages. The advantages are fewer resources, reduced costs and easier management. The disadvantages are that you are limited to the operating systems supported by the architecture of the computer you use, and that if the virtualization software is compromised, the attacker takes over the whole honeynet. There are two types of virtual honeynet:
  • Self contained virtual Honeynet
  • Hybrid Virtual Honeynet
Advantages of Honeypots and Honeynets
Honeypots can operate on a variety of systems. Most of the software is available for UNIX systems, and much of it has been ported to Windows networks. Honeypots and honeynets are coming to complement the service offered by firewalls and intrusion detection systems. They have been successful where the other systems have failed:
  • An IDS generates too much data and too many alerts. At the time of an attack, what is critical is the time taken to analyze the data and the resources available. With a honeypot or honeynet, data is recorded only when there is an interaction. Compared with an IDS, the data set of unauthorized activity is smaller and hence more effective to work with.
  • An IDS generates many false alerts. This is a problem because the administrator may begin to ignore them, and when an actual attack occurs he/she may ignore that as well.
  • An IDS fails when new intrusions occur that are not in its attack signature database.
  • Comparing the resources needed by an IDS and a honeypot, the honeypot scores on many points, needing less hardware on large networks.
  • Encryption is now used as a tool for privacy, and hackers too have begun to adopt encryption techniques, which makes it difficult for an IDS to monitor the traffic. Even with encryption, the activity is captured on honeypots and honeynets.
With honeynets and honeypots we can thus:
  • Discover the methods intruders use to probe.
  • Keep a record of the intruders' activities.
  • Build a cyber crime case with the data.
  • Aid law enforcement and the prosecution of intruders.
Arguments against the use of honeypots hold that they are a threat to the privacy of the individual, in that information about the individual is collected on a honeynet without his/her consent. The law can be interpreted to mean different things, yet it is network security analysis and network security management that decide which individuals had malicious intent and which did not. The actions seen in the honeynet show intruders using methods that are already known, and that is how the decisions are made. Whatever the network security solution, the clever hacker who tries out new methods goes unscathed, while the copycats with half knowledge get caught.

When it comes to honeypots and security, exercise caution when installing a honeypot. It should be installed on a separate system and not on the existing/original drive; also be sure you have installed all the service packs and patches of the operating system on the original drive.
