Skip to main content

Featured

Honeypot & its Types

Honeypot & its Types: Honeypot is a security mechanism which records all the actions, transactions and interactions with users. They are used to track the attackers and defend the attacks. Based on their deployment types, it is classified into – Production honeypots –  Easy to use but they capture only limited information. They are placed inside production networks to improve security. Research Honeypots -Works better in gathering information about attackers. They research the threats of the organization and tries to prevent the threats. These are complex to deploy and maintain. Based on design criteria, the honeypots are classified into – Pure honeypots – Activities are monitored using the honeypot’s installed link to the network. High interaction – Multiple honeypots in a single system. More secure, difficult to detect, expensive to maintain. Low interaction – Simulate the services of attackers.
Read more

Footprint and Scanning Tools

Footprint and Scanning Tools:

Several tools are used to gather information such as –

  • Crawling – Surf the internet to gain information
  • Whois – lookup of website to get information like email, registration etc.
  • Search engines – Google, Bing and other search sites to get data
  • Traceroute – Used to trace a path between user and the target system on the networks.
  • Netcraft – tool to gather information about web servers in both server and client side.
  • Nslookup – Querying DNS server to extract information
  • The Harvester – Used to catalogue email and subdomains.

Scanning tools such as –

  • Nmap – Used for scanning and used to find open ports of target.
  • Nessus – To find vulnerabilities in the ports.
  • Nexpose – Similar to nessus

Penetration testing/exploitation tools such as –

  • MEDUSA – Used to gain authentication service in the target machine.
  • Hydra – To break authentication system
  • Metasploit – Used to exploit the system.

Popular Posts