Specifying Honeypot Goals
The first, and most critical, step to successfully implementing honeypots is determining what you want to do with them. What do you expect your honeypots to accomplish? How do you want them to secure your environment? Honeypots will not replace your firewall, Intrusion Detection Systems, or security best practices, but they are part of your overall security architecture. You have to determine what their ideal role is for your organization.
The specific honeypot solutions discussed in the preceding six chapters each excelled at a specific area of security.
Preventing attacks through deception or deterrence—for example, Specter’s ability to emulate vulnerabilities or give warning messages.
Detecting attacks, acting as ...
Get Honeypots: Tracking Hackers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.