Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Honeypot (computing)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Computer security mechanism}} In computer terminology, a '''honeypot''' is a [[computer security]] mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of [[information systems]]. Generally, a honeypot consists of [[data]] (for example, in a network site) that appears to be a legitimate part of the site which contains information or resources of value to attackers. It is actually isolated, monitored, and capable of blocking or analyzing the attackers. This is similar to police [[sting operations]], colloquially known as "baiting" a suspect.<ref>{{Cite web|url=https://www.sans.edu/cyber-research/security-laboratory/article/honeypots-guide|title=Honeypots: A Security Manager's Guide to Honeypots|last1=Cole|first1=Eric|last2=Northcutt|first2=Stephen|archive-url=https://web.archive.org/web/20170316110416/https://www.sans.edu/cyber-research/security-laboratory/article/honeypots-guide|archive-date=16 March 2017}}</ref> The main use for this network decoy is to distract potential attackers from more important information and machines on the real network, learn about the forms of attacks they can suffer, and examine such attacks during and after the exploitation of a honeypot. It provides a way to prevent and see vulnerabilities in a specific network system. A honeypot is a decoy used to protect a network from present or future attacks.<ref name="A Virtual Honeypot Framework">{{cite web |last1=Provos |first1=N |title=A Virtual Honeypot Framework |url=https://www.usenix.org/legacy/event/sec04/tech/full_papers/provos/provos_html/ |website=USENIX |access-date=29 April 2023}}</ref><ref name="dl.acm.org">{{cite book |last1=Mairh |first1=A |last2=Barik |first2=D |last3=Verma |first3=K |last4=Jena |first4=D |title=Proceedings of the 2011 International Conference on Communication, Computing & Security - ICCCS '11 |chapter=Honeypot in network security: A survey |date=2011 |volume=1 |issue=1 |pages=600β605 |doi=10.1145/1947940.1948065 |isbn=978-1-4503-0464-1 |s2cid=12724269 |url=https://dl.acm.org/doi/abs/10.1145/1947940.1948065 |access-date=29 April 2023}}</ref> Honeypots derive their value from the use by attackers. If not interacted with, the honeypot has little to no value. Honeypots can be used for everything from slowing down or stopping automated attacks, capturing new exploits, to gathering intelligence on emerging threats or early warning and prediction.<ref>{{Cite book |last=Spitzner |first=L. |chapter=Honeypots: Catching the insider threat |title=19th Annual Computer Security Applications Conference, 2003. Proceedings. |chapter-url=http://dx.doi.org/10.1109/csac.2003.1254322 |date=2003 |pages=170β179 |publisher=IEEE |doi=10.1109/csac.2003.1254322|isbn=0-7695-2041-3 |s2cid=15759542 }}</ref> [[File:Honeypot diagram.jpg|thumb|Diagram of an information system honeypot]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)