Honeypot
Transcript of Honeypot
Honeypot
By,
101015275_Chandrak Trivedi
101014369_Parbodh Verma
HONEYPOT - Chandrak & Parbodh 2
Learning Objectives
• What is a honeypot?
• Understand the principles of a honeypot
• Explain honeypot infrastructure
• Understand the various types of honeypots
• Demonstration of attacks on a honeypot
What is a Honeypot?
• Decoy server
• Gathering information
• Additional level of security
• Can be inside, outside or in the DMZ zone of a firewall
• Resembles a real system
Principles of Honeypot
• Principle 1: Do not fake
• Principle 2: Segregation of duties
• Principle 3: Smart deployment
Honeypot Infrastructure
[Diagram labels: Internet, Attacker, Honeypot, Honeypot Network, Internal Network, Database (logs), SIEM, SOC]
Honeypot Types
• HonnyPotter - A WordPress login honeypot for collection and analysis of failed login attempts.
• wp-smart-honeypot - WordPress plugin to reduce comment spam with a smarter honeypot
• wordpot - A WordPress honeypot
• RDPy - A Microsoft Remote Desktop Protocol (RDP) honeypot in Python
• Honeyprint - Printer honeypot
• Mailoney - SMTP honeypot, Open Relay, Cred Harvester written in Python.
• Many more…
Demonstration
Attacker: Kali Linux (Hydra and Payload)
Honeypot: Ubuntu
Glastopf - Web Application Honeypot
Phpmyadmin_honeypot - A simple and effective phpMyAdmin honeypot
Brute Force Attack
DoS Attack
Other Types of Attacks
• Command Injection Attack
• Local File Inclusion Attack
• Remote File Inclusion Attack
• SQL Injection Attack