Later in this chapter we will describe the state of this arms race (as
of the writing of this book).
Latest Trends in Honeynet Technology
Speaking of arms races, as attacker technology evolves, the technology used by defenders
has evolved too. This cat and mouse game has been taking place for years as attackers try
to go undetected and defenders try to detect the latest threats and to introduce countermeasures
to better defend their networks.
Honeypots
Honeypots are decoy systems placed in the network for the sole purpose of attracting
hackers. There is no real value in the systems, there is no sensitive information, and they
just look like they are valuable. They are called ???honeypots??? because once the hackers put
their hand in the pot and taste the honey, they keep coming back for more.
Honeynets
A honeypot is a single system serving as a
decoy. A honeynet is a collection of systems
posing as a decoy. Another way to think
about it is that a honeynet contains two or
more honeypots as shown here:
Why Honeypots Are Used
There are many reasons to use a honeypot in the enterprise network, including deception
and intelligence gathering.
Deception as a Motive
The American Heritage Dictionary defines deception as ???1.
Pages:
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876