Support Silicon Dojo at:
https://www.donorbox.org/etcg
http://www.silicondojo.com/

Honeypot Introduction
What is a Honeypot
A decoy system or device used to get a hacker to expose themselves
Many Products are Available
Part of an Intrusion Detection System
Honeypot Strategy
Do you have current problems/ concerns?
Surveillance IS NOT SECURITY
What happens when you detect an issue?
Create Very Visible and “Hidden” Servers
Look for Vulnerabilities You Don’t Have
Track Any Access Attempts
Even Pings can be tracked
SSH
Remote Desktop
FTP
Log Files
Log Files are your documentation of what has happened on your network
Parsing log files from multiple servers and devices can give you a better view of an intrusion event
Trigger events based on log files
Notifications
Dynamic Firewall Rules
Harden Your Honey Pot
A hacker taking control of your Honeypot would be sad :(
Verify security on your Honeypot is adequate
Wipe and Reload Honeypots periodically
Choosing a Honeypot