What’s a Honeypot?
Honeypots are a form of web security used to detect, deflect, or gather information about unauthorized use.
Keeping your computer systems safe may require the use of deception, and a honeypot may be just the key.
How do they work?
In a sense, a honeypot is a decoy, sort of like a trap for would-be hackers looking to steal your identity or, on a larger scale, your computer or network data.
By their very definition, honeypots are intentionally placed on a system to be probed or attacked.
They collect information when attackers are interacting with them.
Honeypots can be purchased commercially, or can be built using tools found in the public domain.
Commercial products often include a package that mimics an entire network on a single machine, which hopefully keeps attackers busy.
Some commercial honeypots help collect information from cybercriminals that can be used to prosecute them in a court of law.
Types of honeypots
There are two classifications of honeypots: production honeypots and research honeypots.
- Production honeypots gather a limited amount of data and are often used by corporations. They are considered to be the easiest honeypot to deploy, but provide less details about attacks than research honeypots.
- Research honeypots research the threats that exist in order to help you better prepare yourself and protect against future attacks. But unlike production honeypots, research honeypots are considered more complex to use and maintain; they capture a large amount of data. Typically, research honeypots are used by government organizations, including the military.
Should I use a honeypot?
If you’re considering whether to use a honeypot approach to security, it’s best to seek legal advice.
Find out whether your state restricts the use of honeypot security measures. You should also look into federal regulations.
Despite the potential for trouble, many security experts believe honeypots provide a proactive approach to protecting private information.
In the best scenario, honeypots could help identify someone who is trying to hack your system and provide you with enough logged evidence and information to seek prosecution.
Even those at the government level acknowledge the pros of using a honeypot.
In 2015, the Federal Trade Commission held a contest worth $25,000 for the best honeypot design that helped trap so-called “robocalls.”
The goal was to lure in robocalls so that they could be analyzed in an effort to combat illegal calls.
While honeypots can be an asset for network protection, it’s important to remember that they are essentially used to intentionally draw the attention of cyberattackers.
When considering the use of a honeypot, you should also think about the possible ramifications.
When a hacker with criminal intentions stumbles upon the decoy system, will he or she figure out they’re indeed in a decoy?
And if they do, can they beat the honeypot and gain access to your sensitive data on the real network?
If you have questions about honeypots, consult an expert you trust for the best advice related to your specific needs and concerns.