Picking up where we left off last week discussing computer honeypots; this time we will discuss some of the different types out there. Honeypots in general are classified based on the type of malicious activity they are trying to monitor and thwart. The most common is perhaps a malware honeypot which is designed to mimic the target of a malware attack. For example, a honeypot might emulate a USB storage device. If a machine is infected by malware that spreads via USB, the honeypot will trick the malware to infect the emulated device.
Another example is a spam honeypot which emulates an open mail relay or proxy. Spammers will test the open mail relay by sending themselves an email first. If they succeed, they then send out large quantities of spam. The honeypot can detect and recognize this test and successfully block the massive volume of spam that follows.
A final example is a database honeypot. Activities such as SQL injections can often go undetected by traditional firewalls, so some organizations will use a database firewall, which can provide honeypot support to create decoy databases. This way potential hackers that attack database vulnerabilities can be detected and thwarted at the network edge before they ever manage to penetrate the main part of the network.
If you want to learn more about how Accolade Technology can help your business, please contact us at [email protected].