keamanan jaringan honeypot · 2019. 12. 18. · honeynet : kumpulan sistem untuk menjebak honeypot...

14

Keamanan Jaringan Honeypot Bongga Arifwidodo [email protected]

Upload: others

Post on 07-Feb-2021

7 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Keamanan Jaringan

Honeypot

Bongga [email protected]
Agenda

• Latar belakang• Pengenalan Honeypot• macam-macam Honeypot• Visualisasi Honeypot dengan ELK
Latar Belakang
Threats Detection Strategy
Honeypot
Ilustrasi :

Honeypot : sistem yang dibuat untuk menjebakHoneynet : kumpulan sistem untuk menjebak

Honeypot

Honeynet
Honeypot - Dionaea
Macam-macam Honeypot :

Tools yang digunakan menurut serangan yang datang :

a. Kippo is an SSH honeypot that can log brute force attacks, where remote the remote attempts to guess logon credentials of an SSH server. Best of all, Kippo is able to record and replay the attacker’s interactions with the emulated shell on the fake SSH server.

b. Glastopf is a web application honeypot. It emulates often-exploited web vulnerabilities, such as remote and local file inclusion and SQL injection. Glastopf examines the attacker’s HTTP request and attempts to respond according to expectations to, for instance, download malicious files.

c. Dionaea is a honeypot for collecting malware. It emulates vulnerabilities in Windows services often targeted by malware, such as SMB, HTTP, TFP and FTP. Dionaea’s handling of the SMB protocol is particularly liked by researchers, as is its ability to emulate the execution of the attacker’s shellcode.

d. Thug is a client-side honeypot (honeyclient) that emulates a web browser. It is designed to automatically interact with the malicious website to explore its exploits and malicious artifacts, often in the form of JavaScript.
Sekilas tentang System ELK

sumber => https://github.com/riupie/honeypot-elk/wiki/Instalasi-ELK-Stack
Tantangan Visualisasi log Honeypot

mengolah log serangan pada Honeypot dionaea untuk dapat di analisis menggunakan engine Elasticsearch kemudian ditampilkan dalam bentuk visualisasi menggunakan engine Kibana.
Engine Kibana
Engine Kibana . . .
Engine Kibana . . .
Agar efektig silahkan kerjakan Tugas berikut :

Carilah informasi meliputi :1. cara kerja/sitem kerja2. kekurangan/kelebihannya

• Kippo• Glastopf• Dionaea• Thug

dikerjakan di kertas jangan lupa tulis nama_nimdikumpulkan jam 14:30 melalui ketua kelas

A Honeynet within the German Research Network ...€¦ · A honeynet is a screened and controlled network of honeypots. A honeypot is a system whose single purpose is to be probed,

“Honeypot, Honeynet, Honeytoken: Terminological · PDF fileWhite Paper: “Honeypot, Honeynet, Honeytoken: Terminological issues2” Fabien Pouget, Marc Dacier Hervé Debar Institut

Honeynet Weekly Report Canadian Institute for ... · The honeypot runs with http on port 8443 and IKE on port 5000. It is tested on our network, but we haven’t received CVE-2018-0101

Honeypot honeynet

HONEYPOT. Introduction to Honeypot Honeytoken Types of Honeypots Honeypot Implementation Advantages and Disadvantages Role of Honeypot in

The Honeynet Project Advancements in Honeypot Tools

Experimenting with Live Cyberattackers for Testing … · Experiment 3: A fake Web site . Honeynet setup . Honeypot Snort alert counts clustered 3 ways . Experiment 1: Packet manipulations

Virtual honeypot

The Italian Honeynet Chapter

THP: Tunisian Honeynet Project « Saher -Honeynet » Speaker: Hafidh EL FALEH

Distributed Honeypot Deployment in Brazil - CERT.br...About Honeynet.BR •March/2002: first honeynet deployed •June/2002: joined the Honeynet Research Alliance •September/2003:

Honeypot-based Forensics - Honeynet Projectold.honeynet.org/papers/individual/AusCERT_fullpaper_BIS.pdf · Spit02]. However IDSs can only be seen as complementary analysis tools and

Honeypots - An Overview By Lance Spitzner. Your Speaker President, Honeypot Technologies Inc. Founder, Honeynet Project & Moderator, honeypot mailing

Rapport Honeypot

The Honeynet Project Introduction

Honeynet Weekly Report Canadian Institute for ... · the demand for honeypot technology has only increased. Efforts to monitor attackers have been continued at the Canadian Honeynet

Honeynet architecture

Honeynet Weekly Report Canadian Institute for ... · Report(8) Captured from 23-03-2018 to 06-04-2018 1-Introduction The first honeypot studies released by Clifford Stoll in 1990,

Data Capture and Analysis C-DAC Mohali. Overview Honeynet/Honeypot Technology ◦ Honeypot/Honeynet Backgroud ◦ Type of Honeypots ◦ Deployment of Honeypots

Honeypots: Catching the Insider Threat - ACSAC 2017 · PDF fileYour Speaker! President, Honeypot Technologies Inc.! Founder, Honeynet Project & Moderator, honeypot mailing list! Author,

Honeynet Threat Sharing Platform · LINUX SERVER. Indonesia Honeynet Project (IHP) Threat Map 10. Early Warning System (Honeynet Portal at BSSN) 11. Threat Sharing Platform Architecture

Honeynet Handbook

Honeynets - Introduction to Honeypot/Honeynet technologies …€¦ · Introduction to Honeypot/Honeynet technologies and Its Historical Perspective Alexandre Dulaunoy [email protected] January

mou.unsyiah.ac.idmou.unsyiah.ac.id/assets/2018/Nota-Kesepahaman-The-Indonesia-Honeynet... · di bidang perangkat keras dan jaringan daring yang berfokus pada teknologi sensor Honeypot

Honeypot Report

Honey Inspector Mike Clark Honeynet Project. Honeynet Inspector Background

The Honeynet Project

Honeynet technolgy

NACS - March 2012 THP: Tunisian Honeynet Project « Saher-Honeynet » Speaker: Hafidh EL FALEH [email protected]

IDS : HoneyNet und HoneyPoteris.prakinf.tu-ilmenau.de/edu/HS/0203/triebel03honeynetTalk.pdf · 18.03.2003 2 IDS – HoneyNet und HoneyPot Jens Triebel Motivation In warfare, information

Utilizando Honeypots como Ferramenta de Segurança · Tópicos O que é Honeypot A história dos Honeypots Tipos de Honeypots Níveis de Interação Honeynet - Conceito Projeto HoneypotBR

one childhood, one journey Honeypot House The Honeypot Playbus

Sistemas Honeynet