HONEYPOTS An Intrusion Detection System. Index Intrusion Detection System Host bases Intrusion Detection System Network Based Intrusion Detection System

Download HONEYPOTS An Intrusion Detection System. Index Intrusion Detection System Host bases Intrusion Detection System Network Based Intrusion Detection System

Post on 18-Jan-2018

215 views

Category:

Documents

0 download

Embed Size (px)

DESCRIPTION

Intrusion Detection System What is IDS? History Hey wait a minute doesnt Firewall do the same thing? Types of IDS

TRANSCRIPT

<p>HONEYPOTS An Intrusion Detection System Index Intrusion Detection System Host bases Intrusion Detection System Network Based Intrusion Detection System Honeypot Motivation behind Honeypot Working and Configuration Advantages of Honeypots Feasibility Conclusion Intrusion Detection System What is IDS? History Hey wait a minute doesnt Firewall do the same thing? Types of IDS Host based intrusion Detection System Monitoring the System Techniques How to fool HIDS? Network Based Intrusion Detection System Monitoring the Network -&gt;-&gt; How to fool NIDS? NIDS Internet NIDS Why do we need Honeypots? The Magic word that solves most of the worlds problems : INFORMATION Doesn't HIDS and NIDS do the same thing, then why Honeypot? -&gt;-&gt; OH!, That is why we need Honeypots -&gt; What are the problems in other IDS Large Dataset problem Not all attacks are detected False positive and false negative problem Time factor -&gt; Basic Idea Setup -&gt;-&gt; Working -&gt;-&gt; Setup Internet Firewall Potential Honeypot Working Internet Firewall Potential Honeypot Working and Configuration Rerouting System log files Dummy log files Network packet sniffing Monitoring system binaries Advantages and Disadvantages Advantages: easily determine exploit being used allows administrators to patch systems accordingly protect production systems from attacks Disadvantages: Extra overhead costs Extra hardware/man hours Legal issues Well known packages used to create Honeypot Commercial honeypots CyberCop Sting ManTrap Deception Tool Kit Other Packages Tripwire INTACT INTEGRIT SAMHAIN SIDEKICK Feasibility With proper knowledge, not too difficult to set up Does require some extra hardware Does require some extra man hours to monitor system Conclusion Honeypots are a good option for network security More overhead cost and work to maintain The future of Honeypots</p>

Recommended

View more >