Hello and welcome to GitcodeX
In this article you will learn what is a Honeypot and for what it is used for.as we all know our system and websites are always in a risk to be hacked by hackers, honeypot is nothing but a computer programme that keep on watch all activities in your system or network. so, let us know more about honeypot and setup a simple honeypot.
What is Honeypot and what its used for ?
A honeypot is a computer system that is set up to act as a decoy to lure cyberattackers, and to detect, deflect or study attemps to gain unauthorised access to information systems.
Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site, but is actully isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked.
This is similar to the ppolice baiting a criminal, conducting undercover surveillance, and finally punishing the criminal.
A honepot is a security resource who's value lives in being probed, attacked or compromised.
Honeypots are weopns against spammers, honeypot detection system are spammer-employed counter-weapons. As detection systems would likely use unique characterstics of specific honeypots to identify them.
With the use of honeypot one can recognize the identity of anyone working in a company and can keep watch on their activities.
Honeypots can be setup inside, outside or in the DMZ (Demilitarized zone) of a firewall design or even in all of the locations although they are most often deployed inside of a firewall for control purposes. In a sense, they are variants of standard intruder detection systems (IDS) but with more of a focus on information gathering and deception.
Honeypots can be classified based on their deployment (use/action) and based on their leval of involment. based on deployment, honeypots may be classified as
1. Production Honeypots :
Production Honeypots are easy to use, capture only limited information, and are used primarily by corporations. Production Honeypots are placed inside the production network with other production servers by an organization to improve their overall state of security. Normally, producation honeypots are low-interaction honeypots, which are easier to deploy. They give less information about the attacks or attackers than research honeypots.
2. Research Honeypots :
Research Honeypots are run to gather information about the motives and tactics of the black hat community targeting different networks.These honeypots do not add direct value to a specific organization; instead, they are used to research the threats that organization face and to learn how to better protect against those threats. Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.
Based on design criteria,Honeypots can be classified as :
1. Pure Honeyppots
2. High-interaction Honeypots
3. Low-interaction Honeypots
How to setup Honeypot in Kali linux ?
Its very simple and easy to setup honeypot in your system or network. If you also want to setup honeypot into your network and make your network more safe then open your terminal and follow the commands as under.
to install and setup honepot, we have to use a tool named 'Pentbox'.
so first of all let's install that tool.
Step-1 clone into pentbox
git clone https://github.com/whitehatpanda/pentbox-1.8.git
Step-2 install the tool
cd pentbox-1.8/
ls
./pentbox.rb
The tool is installed in your system.
Step-3 Setup honeypot
select 2-network tools
select 3-honeypot
after doing this you will get option of automatic configuration or manual configuration, you can choose one of them according to your need.
Step-4 choose Configuration method
selct 1- fast auto configuration
And that's it, Honeypot is activated in your system.
Now, you can observe and make secure your networks from Hackers!