See:
"Trap" system/machine used to attract potential intruders. A resource whose
value lies in being compromised. Because they are non-production elements,
any activity directed at them or originating from them is considered malicious
and is therefore very useful in intrusion detection as an early-warning
element. [CCN-STIC-401:2007]
It is a system designed to analyze how intruders use their weapons to try to
get into a system (they analyze the vulnerabilities) and to alter, copy or
destroy its data, or all of it (for example, by wiping the server's hard
disk). By learning their tools and methods, systems can then be better
protected. They can consist of different applications, one of which serves to
capture the intruder or to learn how intruders act without them knowing that
they are being watched.
http://www.alerta-antivirus.es/seguridad/ver_pag.html?tema=S
A deception technique in which a person seeking to defend computing devices
and cyber infrastructure against cyber operations uses a virtual environment
designed to lure the attention of intruders with the aim of: deceiving the
intruders about the nature of the environment; having the intruders waste
resources on the decoy environment; and gathering counterintelligence about
the intruders' intent, identity, and means and methods of cyber operation. The
honeypot can be co-resident with the real targets the intruder would like to
attack, but the honeypot itself is isolated from the rest of the systems being
defended via software wrappers, separate hardware, and other isolation
techniques such that the intruders' operations are contained.
The Tallinn Manual, 2013
A system (e.g., a web server) or system resource (e.g., a file on a server)
that is designed to be attractive to potential crackers and intruders and has
no authorized users other than its administrators. [CNSSI_4009:2010]
(N) A system (e.g., a web server) or system resource (e.g., a file on a
server) that is designed to be attractive to potential crackers and intruders,
like honey is attractive to bears. (See: entrapment.) [RFC4949:2007]
A host that is designed to collect data on suspicious activity and has no
authorized users other than its administrators. [NIST-SP800-61:2004]
A system designed to look like a regular network but which, in fact, monitors
and traces unauthorised access.
http://www.getsafeonline.org/
A honey pot is a computer system on the Internet that is expressly set up to
attract and "trap" people who attempt to penetrate other people's computer
systems.
http://searchtechtarget.techtarget.com/glossaryBrowseAlpha/
Programs that simulate one or more network services that you designate on your
computer's ports. An attacker assumes you're running vulnerable services that
can be used to break into the machine. A honey pot can be used to log access
attempts to those ports including the attacker's keystrokes. This could give
you advanced warning of a more concerted attack.
http://www.sans.org/security-resources/glossary-of-terms/
(I) "The deliberate planting of apparent flaws in a system for the purpose of
detecting attempted penetrations or confusing an intruder about which flaws to
exploit." [FP039] (See: honey pot.) [RFC4949:2007]
Decoy site simulating a production site configured with medium or minimal
security. The aim is to attract hackers in order to divert them from the real
production site, but also to analyze their intrusion techniques and to
discover new trends in the field so as to optimize and adapt the protection
mechanisms.
http://www.cases.public.lu/functions/glossaire/