Should Your Company Use A Honey Pot As Part Of Its Security Audit?

A honey pot, while being a name that brings to mind a sweet confection, is a serious tool that is used by both the good guys and the bad guys in the security wars. If you want to be able to track the techniques that are used by the other side then the best thing that you can do is to trap them in a honey pot. This is one of the many techniques that people have been using when it comes to network security. It is one that has proven to be very effective. In the following article I will go more into detail of what a honey pot is and how you can use one in your security network. Also I will talk about if you even need one in your set up. After you have read through this you can decide for yourself if you need a honey pot or not. Chances are, most likely you will decide to go with one.

should a honey pot be part of your security audit?

should a honey pot be part of your security audit?

So, what is a honey pot?

If you have ever gone hunting in the woods or watch TV shows that show hunting in them, then you have probably seen a technique that is similar to a honey pot. On a lot of these hunting shows that come on, you will see a hunter bait a trap for its prey. It doesn’t matter if it is a fish or a bear; they will take something that the prey likes and place it so that it is easily available to them. When the prey finally starts to come near the bait, the hunter will then set the trap. This technique has been taught over the years by watching how the prey reacts to certain types of bait. One hunter learned from another and now they have acquired the knowledge to be able to trap animals in it pretty regularly. This is the same thing that a honey pot does.

The person who is running a network will set up the trap. They will dangle something that a black hat hacker is sure to go for. They might place false information on the web that will make the person or persons attack that part of the network. But instead of attacking the main network itself, they are trapped in a server that is set up to monitor what the attacker is doing. That is the honey pot. The honey pot is the server that pretends to have a lot of goodies for the hacker to look at but in reality is nothing special at all. Once you have them in the trap and you start to monitor what they are doing then you can go back to your real network and make sure that it is protected against the attacks that the black hat hacker were trying to do in the honey pot.

While each hacker will have their own types of attacks, using this method will ensure that you are protected from at least the favorites. Also you will be able to see firsthand any new attacks that might be out there that you do not know about.

Reversing the attack

While the technique is a great one to use against attackers, it can also be turned around and used against you instead. Black hat hackers have seen how effective honey pots were against their brethren and now they have turned it around and started to use them against security researchers as well. It is as if the bear now traps the hunter in a trap. They will now use honey traps to mainly see how the security researcher found them and what they are searching for. This way they know if the person is close to catching them or not. This latest trend is fairly new and is only used by a small percentage of black hat hackers.

So using a honey pot on your network is a great idea. If you want to be able to find out how the bad guys are getting there or what they might be looking for then setting up a trap for them is the perfect way to find out.

There are times when you need to be proactive in guarding your network and a honey pot allows you to do that. Most of the time when you are a white hat hacker, you are waiting to see what the bad guys are going to do. When you set up a honey pot, you are setting up the trap and now you are the one in control.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Trackbacks

  1. […] You can do that by setting up traps and see what they do with it. This kind of trap is known as a honey pot and it is the kind of trap that you use when you are trying to see the actions of black hat […]

Speak Your Mind

*