O'Reilly logo

Applied Network Security Monitoring by Jason Smith, Chris Sanders

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 12

Using Canary Honeypots for Detection

Abstract

A canary honeypot is a system that mimics a production system and is deployed to serve as an early detection mechanism in the event of a network breach. These honeypots can operate in two different formats; either as an exploitable or non-exploitable honeypot. In this chapter we discuss the difference between these types of honeypots, and discuss considerations for the practical deployment of honeypots for NSM detection. This includes discussion of several popular honeypot applications, such as Honeyd, Kippo, and Tom’s Honeypot, along with examples of their use. This chapter also briefly introduces the concept of Honeydocs, and how to create them.

Keywords

Network Security Monitoring; Detection; ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required