Skip to main content

Featured

Honeypot & its Types

Honeypot & its Types: Honeypot is a security mechanism which records all the actions, transactions and interactions with users. They are used to track the attackers and defend the attacks. Based on their deployment types, it is classified into – Production honeypots –  Easy to use but they capture only limited information. They are placed inside production networks to improve security. Research Honeypots -Works better in gathering information about attackers. They research the threats of the organization and tries to prevent the threats. These are complex to deploy and maintain. Based on design criteria, the honeypots are classified into – Pure honeypots – Activities are monitored using the honeypot’s installed link to the network. High interaction – Multiple honeypots in a single system. More secure, difficult to detect, expensive to maintain. Low interaction – Simulate the services of attackers.
Read more

MAC attacks & Flooding Switches

MAC attacks & Flooding Switches:

MAC attacks are also known as CAM table overflow attack, here the attacker does not attack the host machine directly, but he attacks the network switches. A network switch is a used to connect the devices together in the same computer network. MAC flooding compromises the security of the network switches by flooding the switches with fake address/port mapping. The switch cannot save a lot of MAC address; hence it enters into a fail-open mode and so it starts broadcasting all the incoming data to the ports. So the attacker gains access to the victim’s data packets.
To prevent a MAC flooding attack, we need to use Port security (Cisco Switches), Authentication with AAA servers, Security measures to prevent ARP or IP spoofing and Implementing IEEE 802.1X suites.

Popular Posts