I l @ ve RuBoard |
MisinformationMisinformation can be used to make the attacker waste time attempting attacks that will not work, since the type of systems and the version of the software reported are not an accurate representation of the actual system. Misinformation is often used as bait for intrusion detection systems. It is often easier to distinguish hacking activities from actual users when the former are attempting methods which are not appropriate for the type of system, than when the attackers are using appropriate services. Misinformation can also be used to draw attackers away from sensitive systems by making other systems more attractive. In any case, you should consult with your legal department before utilizing misinformation. False ServicesServices which can be configured to change the disclosed information can be configured to disclose false information. False services can be used to misrepresent the type of system or the software which it is running. They are also used to collect data on an attack by recording the attacker's activities against a service which is not being used by actual users. Honey PotA honey pot is a system that has no valuable information, utilizes extensive logging, and is configured so that it is reasonably easy to compromise so that an attacker will be enticed to access this system which will notify the security administrator and track the attacker activities. They are able to provide a great amount of detail about the attacks against the system. This can reveal insight into the tools and techniques used by hackers and can highlight when services start receiving new attacks. Even though honey pots are very popular with the media, they are less popular with businesses. Honey pots require a significant investment in administration and monitoring. They provide information for intrusion detection, for which there are numerous other solutions, and evidence collection, which is a duty for law enforcement. System administrators are usually too busy to devote too much time to hacker research.
|
I l @ ve RuBoard |