A-Z Popular Blog Security Search »
Information Security
 Advertisements
Related Guides
Information Security
Key Concepts
Information Security
Related Topics
Confidential Information

top   »  information technology   »  information security   »  honeypot

11 Examples of a Honeypot

 , updated on
A honeypot is a fake resource that is used to detect or divert information security attacks. Honeypots are designed such that they are unlikely to attract legitimate users. As such, traffic to a honeypot is mostly either random or hostile. The following are illustrative examples.

Research Honeypots

A honeypot that is used to gather information about attackers, attack patterns and techniques. For example, a series of poorly secured web servers that have many vulnerabilities may be deployed by a government or information security firm to improve products or gather information.

Pure Honeypots

A full copy of a production system, typically stripped of sensitive data. For example, an instance of a banking website that is fully function but that doesn't connect to real customer data. If you are able to detect an attack you might forward the attackers to a pure honeypot as opposed to blocking them. This allows you to collect data and waste an attacker's time and resources.

High Interaction Honeypots

A honeypot that simulates a production system, often with slow response times designed to slow attacks.

Low Interaction Honeypots

A honeypot that doesn't behave like a production system but is designed to be scalable and resource efficient. This may be used as a distraction that is relatively inexpensive.

Malware Honeypots

Simulation of resources that malware commonly tries to exploit such as an outdated API that contained security flaws.

Spam Honeypots

Simulation of resources such as open mail relays that spammers commonly exploit.

Email Trap

An email that is published to detect spam. For example, an email may be published on a web page in a way that isn't obvious to users but gets picked up by email scrapers.

Spider Trap

A resource designed to detect web crawlers, also known as web spiders. For example, a link on a page designed to be invisible to users will commonly be picked up by spiders.

Database Honeypot

A fake database may be used by security features such as database firewalls when they detect an intrusion attempt.

Honeynets

A network of honeypots. For example, an intrusion detection system might deploy an entire virtual network of insecure resources in order to detect a variety of attack patterns.

Advanced Measures

Honeypots may be set up by information security experts in order to detect advanced persistent threats. For example, a fake table with an attractive name such as "CUSTOMER_PASSWORD" could be inserted to a database with queries to the table triggering security notifications.
Overview: Honeypot
Type
Information Security
Definition
A fake resource that is used to detect or divert information security attacks.
Etymology
An analogy to a bear being attracted and distracted by honey.
Related Concepts
Advanced Persistent Threat
Data Breach
Defensive Computing
Information Security
Passive Attack

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
Incident Response
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Sandbox
Secure Code Review
Security As A Service
Security Controls
Zero-day
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 
Cite »

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Data Backup

Several data backup techniques compared.

Sandbox Definition

An overview of sandboxes. An information security technique.

Strong Password

A few examples of what makes a password strong or weak.

Zero-day Vulnerability

An overview of zero-day vulnerability.

Personal Information

A definition of personal information with examples.

Cybersecurity

A definition of cybersecurity with examples.

Public Network

A definition of public network with examples.

Sandbox

A definition of sandbox with examples.

Trending

The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map
Business Analysis
Coding
Communication
Compliance
Networking
Computing
Creativity
Cryptography
Data
Design
Design Thinking
Governance
Information Technology
Infrastructure
Knowledge Management
Management
Metrics
Organizational Culture
Problem Solving
Productivity
Project Management
Quality
Risk Management
More ...
© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.

View credits & copyrights or citation information for this page.

Home About     Privacy Policy     Cookies Terms of Use     Contact Us Search


Cookies help us deliver our services. You have choices regarding these cookies. Please visit our privacy policy, cookie policy and consent tool to learn more.


Copyright 2002-2024 Simplicable. All rights reserved. This material may not be published, broadcast, rewritten, redistributed or translated. Report violations here.