IT-548-Q1088 Information Security
Submitted by Anudeep Gali
Professor: Dr. Derek Holbert
Southern New Hampshire University
Abstract: Internet is one of the useful resources to the mankind but on the other hand possess so many threats and provides a means of attack for the Intruders. In this project we will be building a secure shell Honeypot and deploy on a public server to research the cyber attacks. Once we deploy the system, we will concentrate on recording all the attempts made by the intruder to enter the information system. We will be able to analyze the most commonly used usernames and passwords and analyze the shell commands used by the intruders to develop remedies of attacks on the original …show more content…
Internet provides vast amount of useful information on wide range of topics and helping the mankind with easy means of communication and information. On the other hand we face so many threats on internet which are not limited to identity theft, privacy etc. Some of the common threats on internet include phishing, virus, malware and spam. To help protect our network from these cyber attacks we should know how the Intruders are accessing our information systems. Honeypots help to uncover most of the threats on Internet. These are traps set in the firewall of the system which help in recording the attacks of intruders on the system. Honeypots are used to research on the complex information of cyber attacking …show more content…
Most of the companies use the low interaction honeypots to research on the intrusions. These Honeypots produce large amounts of data about the intrusion activities which are later analyzed by the company to device the remedies for these intrusions. The benefit of using the low interaction Honeypot is that they utilize very less resources and produce vast amount of useful data. Dionaea is one of the well known low interaction Honeypot. The high interaction honeypot can gather relatively much information on the intruders as these honeypots have many services which attract the users to attack leading to maximum number of intrusion records. Pure Honeypots are just like systems so they need not be installed separately but these Honeypots are costly to manage. There are many intrusion detection tools available in the market but Honeypots are the reliable and one of the efficient tools to detect the intrusions. The different types of Honeypots provide different levels of security. As we are deploying the Honeypot on a public server, we will be using public server EC2. Also, we will be using programming language C.
In addition to these advantages, there are few limitations associated with the honeypots. Honeypots can only be able to record the intrusion activities directed against them but if the intruder attempts to attack the system indirectly, honeypots fail to produce the results. Different