Discussion1
Honey pot basically designed to trap the attackers and intruders who will have regular and malicious users in which malicious users are people who will be involved in doing suspicious activities on fake asset, it will also help in capturing the attacks and giving additional informational about how attack took place on the deceptive network here, the mindset of the attacker will be studied carefully because based on his mindset it will help organizations to design their infrastructure and understand their loopholes on the system (G.Amoroso, 2011).
Some of the advantages of honey pots includes that, it will focus more on malicious traffic which will make investigation much easier on the attacks done by attacker (Göbel, 2011). It will also help in understanding the tactics used by the attackers before doing any attack which will make any organization take precautions in investigate and capture the attackers in a easy way before they attempt to make more attack. Honey pots doesn’t need more data storage, but it saves more space to store huge useless data (Göbel, 2011).
Some of the uncertainties includes that the companies sometime will lose the important resources because, through some interface’s attacker will steal the information from original network which will cause the serious problem. one of the biggest disadvantage is that attacker cannot be identified if he is not actively attacking the system, because he will be using some fake details that’s why they are identified only during action, here we cant predict when the attack will happen and honeypot cannot identify multiple attacks in the system which will make attacker do worst things and use different tricks and attack on multiple systems so that honeypot wont be able to capture them all together (Saikawa, 2019).
Discussion 2
Honeypot is defined as the system, which is closely monitored and is available to compromise for malicious attacks (Göbel & Dewald, 2011). The honeypot then tracks all the steps, methods, tools, and motives of the attacker to exploit the vulnerability. This information is used in building an effective mechanism to defend such attacks and rules for intrusion detection systems.
Honeypot helps in collecting the precise data that adds value, which is most likely an attack or scan, this avoids analysis effort for most organizations where they collect huge amounts of data from multiple databases such as firewall logs, intrusion detection alerts, and system logs. The data collected is presented in an understandable format, which is then used in detecting attacks, trend analysis, and for identifying attackers. Firewalls and IDS might fail to function when its resources are overwhelmed and blocks all the connection to avoid this, the honeypot is implemented as they collect fewer data and there is less probability for resource exhaustion problem. Another advantage of honeypot lies in its simplicity, as it uses no complex algorithms to develop and signature a database to document. Honeypot acts as a decoy and helps in distracting the attackers from real data to fake assets also informing about the threats.
On the disadvantage side, a honeypot can detect the only attacks that are in their direction or targeted against them. If an attacker is aware of the honeypot attacker can infiltrate the organization’s data by avoiding that particular system. Honeypots have a narrow field of view hence not considering the other attacks happening around it. Honeypot comes with the risk of attacking, infiltrating, and harming other systems once an intruder attacks it.
1.Evaluate one pro and con above proposed above discussions
Response Requirements:
1. Be 1 paragraphs in length for each Discussion
2. Your responses to above discussions must be more than a simple “Good job” or “I agree with your post”. They must also not just be “Let me add to your post…” Instead, your responses to each other should do three things:
1. Acknowledge the above discussions with some form of recognition.
2. Relate the discussions to something you have learned or are familiar with
3. Add to the conversation by asking additional questions about the discussion, or discussing the topic further.
Discussion1
Honey pot basically designed to trap the attackers and intruders who will have regular and malicious users in which malicious users are people who will be involved in doing suspicious activities on fake asset, it will also help in capturing the attacks and giving additional informational about how attack took place on the deceptive network here, the mindset of the attacker will be studied carefully because based on his mindset it will help organizations to design their infrastructure and understand their loopholes on the system (G.Amoroso, 2011).
Some of the advantages of honey pots includes that, it will focus more on malicious traffic which will make investigation much easier on the attacks done by attacker (Göbel, 2011). It will also help in understanding the tactics used by the attackers before doing any attack which will make any organization take precautions in investigate and capture the attackers in a easy way before they attempt to make more attack. Honey pots doesn’t need more data storage, but it saves more space to store huge useless data (Göbel, 2011).
Some of the uncertainties includes that the companies sometime will lose the important resources because, through some interface’s attacker will steal the information from original network which will cause the serious problem. one of the biggest disadvantage is that attacker cannot be identified if he is not actively attacking the system, because he will be using some fake details that’s why they are identified only during action, here we cant predict when the attack will happen and honeypot cannot identify multiple attacks in the system which will make attacker do worst things and use different tricks and attack on multiple systems so that honeypot wont be able to capture them all together (Saikawa, 2019).
Discussion 2
Honeypot is defined as the system, which is closely monitored and is available to compromise for malicious attacks (Göbel & Dewald, 2011). The honeypot then tracks all the steps, methods, tools, and motives of the attacker to exploit the vulnerability. This information is used in building an effective mechanism to defend such attacks and rules for intrusion detection systems.
Honeypot helps in collecting the precise data that adds value, which is most likely an attack or scan, this avoids analysis effort for most organizations where they collect huge amounts of data from multiple databases such as firewall logs, intrusion detection alerts, and system logs. The data collected is presented in an understandable format, which is then used in detecting attacks, trend analysis, and for identifying attackers. Firewalls and IDS might fail to function when its resources are overwhelmed and blocks all the connection to avoid this, the honeypot is implemented as they collect fewer data and there is less probability for resource exhaustion problem. Another advantage of honeypot lies in its simplicity, as it uses no complex algorithms to develop and signature a database to document. Honeypot acts as a decoy and helps in distracting the attackers from real data to fake assets also informing about the threats.
On the disadvantage side, a honeypot can detect the only attacks that are in their direction or targeted against them. If an attacker is aware of the honeypot attacker can infiltrate the organization’s data by avoiding that particular system. Honeypots have a narrow field of view hence not considering the other attacks happening around it. Honeypot comes with the risk of attacking, infiltrating, and harming other systems once an intruder attacks it.
1.Evaluate one pro and con above proposed above discussions
Response Requirements:
1. Be 1 paragraphs in length for each Discussion
2. Your responses to above discussions must be more than a simple “Good job” or “I agree with your post”. They must also not just be “Let me add to your post…” Instead, your responses to each other should do three things:
1. Acknowledge the above discussions with some form of recognition.
2. Relate the discussions to something you have learned or are familiar with
3. Add to the conversation by asking additional questions about the discussion, or discussing the topic further.