Honeybot

Solo disponible en BuenasTareas
  • Páginas : 11 (2550 palabras )
  • Descarga(s) : 0
  • Publicado : 27 de noviembre de 2011
Leer documento completo
Vista previa del texto
HoneyBOT User Guide
A Windows based honeypot solution

Visit our website at http://www.atomicsoftwaresolutions.com/

Table of Contents
What is a Honeypot?.................................................................2 How HoneyBOT Works ..............................................................2 Secure the HoneyBOT Computer ................................................3Non-production Computer .............................................................. 3 Patches ........................................................................................ 3 Antivirus ...................................................................................... 3 Firewalls....................................................................................... 4 Change defaultconfigurations ......................................................... 4

Configuring the Network............................................................4
Internal Network Monitoring ........................................................... 4 External Network Monitoring ........................................................... 5

Network Baseline.....................................................................5 Installing HoneyBOT .................................................................6 HoneyBOT Application...............................................................7
Main Window ................................................................................ 7 Starting the Engine........................................................................ 7 Stoppingthe Engine ...................................................................... 8 Packet Log Viewer ......................................................................... 8 Debug Log .................................................................................... 9 Options ........................................................................................ 9 Bug Reporting andFeedback........................................................... 9 Check for Update........................................................................... 9

Log Files................................................................................ 10 Capture Files ......................................................................... 10 Modifying ListeningPorts......................................................... 11 Uninstalling HoneyBOT............................................................ 11 Privacy Policy......................................................................... 11

Copyright (C) 2005 All of the documentation and software included in this package is copyrighted by Atomic Software Solutions. All rights reserved.

Page 1

What is a Honeypot?
A honeypotis a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. The captured information is highly valuable as it contains only malicious traffic with little to no falsepositives. Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.

How HoneyBOT Works
HoneyBOT works by opening over 1000 UDP and TCP listening sockets on your computer and these sockets are designed to mimic vulnerable services. When anattacker connects to these services they are fooled into thinking they are attacking a real server. The honeypot safely captures all communications with the attacker and logs these results for future analysis. Should an attacker attempt an exploit or upload a rootkit or trojan to the server the honeypot environment will safely store these files on your computer for analysis and submission to...
tracking img