A-Z Popular New Security Search »
Information Security
 
Related Guides
Related Topics
Confidential Information

11 Examples of a Honeypot

 , updated on
A honeypot is a fake resource that is used to detect or divert information security attacks. Honeypots are designed such that they are unlikely to attract legitimate users. As such, traffic to a honeypot is mostly either random or hostile. The following are illustrative examples.

Research Honeypots

A honeypot that is used to gather information about attackers, attack patterns and techniques. For example, a series of poorly secured web servers that have many vulnerabilities may be deployed by a government or information security firm to improve products or gather information.

Pure Honeypots

A full copy of a production system, typically stripped of sensitive data. For example, an instance of a banking website that is fully function but that doesn't connect to real customer data. If you are able to detect an attack you might forward the attackers to a pure honeypot as opposed to blocking them. This allows you to collect data and waste an attacker's time and resources.

High Interaction Honeypots

A honeypot that simulates a production system, often with slow response times designed to slow attacks.

Low Interaction Honeypots

A honeypot that doesn't behave like a production system but is designed to be scalable and resource efficient. This may be used as a distraction that is relatively inexpensive.

Malware Honeypots

Simulation of resources that malware commonly tries to exploit such as an outdated API that contained security flaws.

Spam Honeypots

Simulation of resources such as open mail relays that spammers commonly exploit.

Email Trap

An email that is published to detect spam. For example, an email may be published on a web page in a way that isn't obvious to users but gets picked up by email scrapers.

Spider Trap

A resource designed to detect web crawlers, also known as web spiders. For example, a link on a page designed to be invisible to users will commonly be picked up by spiders.

Database Honeypot

A fake database may be used by security features such as database firewalls when they detect an intrusion attempt.

Honeynets

A network of honeypots. For example, an intrusion detection system might deploy an entire virtual network of insecure resources in order to detect a variety of attack patterns.

Advanced Measures

Honeypots may be set up by information security experts in order to detect advanced persistent threats. For example, a fake table with an attractive name such as "CUSTOMER_PASSWORD" could be inserted to a database with queries to the table triggering security notifications.
Overview: Honeypot
Type
Definition
A fake resource that is used to detect or divert information security attacks.
Etymology
An analogy to a bear being attracted and distracted by honey.
Related Concepts

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Sandbox
Secure Code Review
Security As A Service
Security Controls
Zero-day
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Data Backup

Several data backup techniques compared.

Sandbox Definition

An overview of sandboxes. An information security technique.

Strong Password

A few examples of what makes a password strong or weak.

Zero-day Vulnerability

An overview of zero-day vulnerability.

Personal Information

A definition of personal information with examples.

Cybersecurity

A definition of cybersecurity with examples.

Public Network

A definition of public network with examples.

Sandbox

A definition of sandbox with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map