IT-548: Information Security Threat

Technical Paper – Honeypot
IT-548-Q1088 Information Security
Submitted by Anudeep Gali
Professor: Dr. Derek Holbert
Southern New Hampshire University

Abstract: The Internet is a useful resource for mankind, but it also poses many threats and provides a means of attack for intruders. In this project we will build a secure shell (SSH) honeypot and deploy it on a public server to research cyber attacks. Once the system is deployed, we will concentrate on recording every attempt an intruder makes to enter the information system. We will then analyze the most commonly used usernames and passwords, and the shell commands used by the intruders, to develop remedies for attacks on the original …
The Internet provides a vast amount of useful information on a wide range of topics and gives mankind an easy means of communication and information. On the other hand, we face many threats on the Internet, which are not limited to identity theft and privacy. Some of the common threats on the Internet include phishing, viruses, malware and spam. To help protect our network from these cyber attacks, we should know how intruders are accessing our information systems. Honeypots help to uncover most of the threats on the Internet. These are traps set in the firewall of the system which help in recording the attacks of intruders on the system. Honeypots are used to research the complex information of cyber attacking …
Most companies use low-interaction honeypots to research intrusions. These honeypots produce large amounts of data about intrusion activity, which the company later analyzes to devise remedies for these intrusions. The benefit of a low-interaction honeypot is that it uses very few resources and produces a vast amount of useful data. Dionaea is one of the well-known low-interaction honeypots. A high-interaction honeypot can gather relatively more information on intruders, as it has many services that attract users to attack, leading to the maximum number of intrusion records. Pure honeypots are just like systems, so they need not be installed separately, but these honeypots are costly to manage. There are many intrusion detection tools available on the market, but honeypots are reliable and among the efficient tools for detecting intrusions. The different types of honeypots provide different levels of security. As we are deploying the honeypot on a public server, we will use the public server EC2. We will also use the C programming language.
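An added example, not part of the original paper (which names C for the honeypot itself): one way to carry out the analysis of recorded usernames, passwords and shell commands, written in Python. The tab-separated record format, the sample records and the function names are assumptions constructed for illustration.

```python
from collections import Counter

# Constructed sample records, not real captures. Assumed tab-separated format:
#   time <TAB> source_ip <TAB> LOGIN <TAB> username <TAB> password
#   time <TAB> source_ip <TAB> CMD <TAB> command line
SAMPLE_LOG = [
    "2024-01-01T00:00:01Z\t203.0.113.5\tLOGIN\troot\t123456",
    "2024-01-01T00:00:03Z\t203.0.113.5\tLOGIN\tadmin\tadmin",
    "2024-01-01T00:00:09Z\t198.51.100.7\tLOGIN\troot\t123456",
    "2024-01-01T00:00:10Z\t198.51.100.7\tLOGIN\tpi\trasp\tberry",  # tab in password
    "2024-01-01T00:00:11Z\t198.51.100.7\tLOGIN\tadmin\t",          # empty password
    "2024-01-01T00:00:12Z\t192.0.2.44\tLOGIN\troot\t\x1b[2Jtoor",  # terminal escape
    "2024-01-01T00:00:15Z\t198.51.100.7\tCMD\tuname -a",
    "2024-01-01T00:00:16Z\t198.51.100.7\tCMD\tcat /proc/cpuinfo",
    "2024-01-01T00:00:20Z\t192.0.2.44\tCMD\tuname -m",
    "truncated line without fields",
]

def safe(text):
    """Escape control characters so captured input cannot drive the analyst's terminal."""
    return text.encode("unicode_escape").decode("ascii")

def summarize(lines, top=3):
    """Tally login attempts and commands; every captured field is untrusted input."""
    users, passwords, pairs = Counter(), Counter(), Counter()
    sources, commands = Counter(), Counter()
    malformed = 0
    for line in lines:
        parts = line.rstrip("\n").split("\t", 3)
        if len(parts) != 4 or parts[2] not in ("LOGIN", "CMD"):
            malformed += 1
            continue
        _, src, event, rest = parts
        if event == "CMD":
            words = rest.split()
            commands[safe(words[0]) if words else ""] += 1  # count by program name
            continue
        user, sep, password = rest.partition("\t")  # split once: the rest is the password
        if not sep:  # password field missing entirely
            malformed += 1
            continue
        users[safe(user)] += 1
        passwords[safe(password)] += 1
        pairs[(safe(user), safe(password))] += 1
        sources[src] += 1  # login attempts per source address
    tables = {"usernames": users, "passwords": passwords, "pairs": pairs,
              "sources": sources, "commands": commands}
    report = {name: c.most_common(top) for name, c in tables.items()}
    return {**report, "malformed": malformed}
```

Calling `summarize(SAMPLE_LOG)` returns the top entries of each table plus a count of records that could not be parsed, which is worth tracking because a rising malformed count usually means the logging format and the parser have drifted apart.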
In addition to these advantages, there are a few limitations associated with honeypots. Honeypots can only record intrusion activity directed against them; if the intruder attempts to attack the system indirectly, honeypots fail to produce results. Different
