Skip to main content

Featured

Honeypot & its Types

Honeypot & its Types: Honeypot is a security mechanism which records all the actions, transactions and interactions with users. They are used to track the attackers and defend the attacks. Based on their deployment types, it is classified into – Production honeypots –  Easy to use but they capture only limited information. They are placed inside production networks to improve security. Research Honeypots -Works better in gathering information about attackers. They research the threats of the organization and tries to prevent the threats. These are complex to deploy and maintain. Based on design criteria, the honeypots are classified into – Pure honeypots – Activities are monitored using the honeypot’s installed link to the network. High interaction – Multiple honeypots in a single system. More secure, difficult to detect, expensive to maintain. Low interaction – Simulate the services of attackers.

Architecture of Firewall

Architecture of Firewall:

There are different types of firewall architectures, broadly –

  • Packet-filtering firewalls – Creates a checkpoint at traffic router or switch, it checks the incoming data packets through the router. It is dropped if the information is mismatching. But these are traditional types and easy to bypass.
  • Stateful inspection firewalls – This firewall is a combination of packet inspection and TCP handshake verification to create a maximum level of protection. This might slow down the system.
  • Circuit-level gateways – This firewall works by verification of TCP handshake, it is ensured that the session is legitimate and not from a intruder. They do not check the packets though.
  • Application-level gateways (Proxy firewalls) -Operates on the Application layer to filter the incoming traffic between the network and traffic source. It connects to the source of traffic and inspects the incoming traffic. They perform deep layer inspection.
  • Next-gen firewalls – This firewall ensures deep layer inspection, surface level packet inspection and TCP handshake checks. They include IPS to prevent attacks.

Popular Posts