[ Thanks to Justin
Klein Keane for this link. ]
“This is useful because you can use fingerprints to set
up alerting or protective mechanisms that can detect compromise
quickly and aid in response. For instance, running a honeypot you
might discover that most attackers, after compromising an apache
web server, attempt to write a file into the /tmp directory. You
can use this information to set up monitoring of the /tmp
directory, and alert administrators whenever apache writes new
files into /tmp. This can tip off systems administrators to a
possible compromise, by alerting them that there is behavior
occurring on their system that typically corresponds to post
compromise attacker behavior.“Honeypots can be generally divided into two categories: low
interaction and high interaction. A high interaction honeypot is a
complete system stack, set up on either a real or virtual
appliance. The high interaction honeypot is a real system for all
intensive purposes and provides intruders with all the capabilities
and tools that a real system would have. High interaction honeypots
can be a wonderful source of information about attackers, but they
carry a high risk as well. There are significant legal
ramifications to running a high interaction honeypot that should be
carefully considered before installing or running one. You need to
think very carefully about your deployment so you don’t end up
providing a platform from which an attacker could compromise other
systems.”
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.