Hacking for Beginners: Step By Step Guide to Cracking Codes Discipline, Penetration Testing, and Computer Virus. Learning Basic Security Tools On How To Ethical Hack And Grow by Karnel Erickson

Author:Karnel, Erickson [Karnel, Erickson]
Language: eng
Format: azw3, epub, pdf
Published: 2020-09-03T16:00:00+00:00

Another major disadvantage results from the identification of a system as Honeypot. This can lead to an attacker bypassing the honeypot in the future and focusing on other systems. In addition, it can happen that an attacker deliberately uses his knowledge of the existence of a honeypot to access other systems. For example, an attacker can bombard a honeypot with attacks and distract the user to such an extent that he can attack other systems unhindered. In the research honeypots already mentioned, identification can lead to serious errors. This is due to the fact that an attacker can deliberately leave behind false information about himself and his methods during an attack. But as conclusions are drawn from this information through analysis, this leads to wrong conclusions. This poses a massive problem if these failures find their way into the security software of the next version. This way, it can be manipulated, and instead of protecting the systems, new ones can be created.

Examples of Honeypots

The functioning of honeypots has now been explained in detail, so it is time to look at some practical examples. Of course, there are a large number of honeypots in use today. Therefore, in the following three different honeypots are presented, on the basis of which one can see well the different application possibilities. As a first example, I'd like to introduce a rather simple honeypot called Back Officer Friendly. The second example will be a more complex honeypot called honeyd. As the last application, we will then turn to the honeynets.

Back Officer Friendly

The first example I would like to introduce here is Back Officer Friendly (BOF for short). This is one of the simplest honeypots available and can be classified in the class of low-inter-action honeypots. BOF can be used well as a production honeypot and is not suitable as a research honeypot. The reason is that the program has very limited functionality and, in the case of an attack, also collects very little information about the attacker and his methods. But before the functionality is explained in more detail, first a few words about the genesis of BOF.

BOF, which was initially not conceived as a honeypot, was actually developed as a measure against a then-circulating program called Back Orifice. Back Orifice was, therefore, such a great danger because an attacker could penetrate without attracting attention into a system and could control this at will. When Marcus Ranum developed BOF in 1998, his goal was to create software that would uncover the activities of this then-widespread program. BOF was designed to immediately trigger an alarm once a Back Orifice attack was discovered.

The procedure of the BOF can be described as follows: The program can listen to up to 7 different ports of a system. If an attempt is made to establish a connection to one of these ports, BOF actually establishes a complete TCP connection, at the same time recording the attempt to set up the connection and triggering an alarm to alert the user. Then BOF breaks off the connection immediately.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.