Insiders Hub

Honeypot

Chiranjib Parida

Chiranjib Parida

Unknown

0 0
  • 0 Collaborators

Some of the malicious software is spreading over the network to create more threats by users. As technology is growing rapidly, newer attacks are appearing. Security is a key point to get over all these problems. In this project, we will make a real-life scenario, using honeypots. ...learn more

Project status: Concept

Networking

Intel Technologies
Other

Overview / Usage

As we are successful to make system that is interesting enough for hackers to attack, they will try to gain access by using security flaws on the system. By tracing the hacker, we are not sure if we will be the one who has the control. Therefore we do not know if honeypots are secure or not. Does the hacker know that it is a real system or a honeypot? Is he aware of how a great tool it is for investigators to acquire information about security flaws in the system? What does he gain from hacking it? It is a big problem if it is possible to reach other real systems using honeypot features and seize them, because the rest of the system will be compromised. We are not sure if the hacker will continue hacking even if he knows that it is a honeypot or not. Knowing all these issues does not make our investigation efficient. We will try to find answers and solutions to all these questions and think about what can be done to make honeypots more secure and make sure that the hacker will not be able to go further than hacking the honeypot. We will have two perspectives which are a forensic examiner and a hacker. We will use variety of hacking tools and forensic examiner tools to have very accurate results.

Methodology / Approach

In this project, I have installed honeypot in the local machine and the local machine will have connected to a particular network. Then I have assigned the local IP address to the honeypot and also assign a particular port number and given a MOTD after that honeypot will ready to run.

When the attacker click the IP address of the victim machine then the attacker system information will be coming to the hacker machine and save in the local machine .MMH format or save in secure manner.

In my Honeypot project, I have used snort rule for monitoring the attacker machine and collect the information of attacker machine.

Technologies Used

Hardware Requirements:

At least a Pentium II 450 Mhz processor

At least 512MB of RAM One NIC (supported by the OS)

One hard drive with at least 10GB capacity.

Smaller hard drives allow for shorter image creation times.

Software Requirements: Any Linux Operating System both x86 and x64

Any Linux Compatible IDE Python Programming Language

Comments (0)