Ver:
Sistema/máquina
"trampa" utilizado para atraer a posibles intrusos.
recurso cuyo
valor reside en hecho de ser comprometido. Al ser elementos no productivos,
cualquier actividad dirigida u originada en ellos es considerada maliciosa y
por tanto de gran utilidad en detección de intrusiones como elemento de alerta
temprana. [CCN-STIC-401:2007]
Es un sistema
diseñado para analizar cómo los intrusos emplean sus armas para intentar entrar
en un sistema (analizan las vulnerabilidades) y alterar, copiar o destruir sus
datos o la totalidad de éstos (por ejemplo borrando el disco duro del
servidor). Por medio del aprendizaje de sus herramientas y métodos se puede,
entonces, proteger mejor los sistemas. Pueden constar de diferentes
aplicaciones, una de ellas sirve para capturar al intruso o aprender cómo
actúan sin que ellos sepan que están siendo vigilados.
http://www.alerta-antivirus.es/seguridad/ver_pag.html?tema=S
A deception technique in
which a person seeking to defend computing devices and cyber infrastructure
against cyber operations uses a virtual environment designed to lure the
attention of intruders with the aim of: deceiving the intruders about the
nature of the environment; having the intruders waste resources on the decoy
environment; and gathering counterintelligence about the intruder’s intent,
identity, and means and methods of cyber operation. The honeypot can be
co-resident with the real targets the intruder would like to attack, but the
honeypot itself is isolated from the rest of the systems being defended via
software wrappers, separate hardware, and other isolation techniques such that
the intruder’s operations are contained.
The Tallinn
Manual, 2013
A system (e.g., a web
server) or system resource (e.g., a file on a server) that is designed to be
attractive to potential crackers and intruders and has no authorized users
other than its administrators. [CNSSI_4009:2010]
(N) A system (e.g., a web
server) or system resource (e.g., a file on a server) that is designed to be
attractive to potential crackers and intruders, like honey is attractive to
bears. (See:
entrapment.) [RFC4949:2007]
A host that is designed to
collect data on suspicious activity and has no authorized users other than its
administrators. [NIST-SP800-61:2004]
A system designed to look
like a regular network but which, in fact, monitors and traces unauthorised
access.
http://www.getsafeonline.org/
A honey pot is a computer
system on the Internet that is expressly set up to attract and "trap"
people who attempt to penetrate other people's computer systems.
http://searchtechtarget.techtarget.com/glossaryBrowseAlpha/
Programs that simulate one
or more network services that you designate on your computer's ports. An
attacker assumes you're running vulnerable services that can be used to break
into the machine. A honey pot can be used to log access attempts to those ports
including the attacker's keystrokes. This could give you advanced warning of a
more concerted attack.
http://www.sans.org/security-resources/glossary-of-terms/
(I) "The deliberate
planting of apparent flaws in a system for the purpose of detecting attempted
penetrations or confusing an intruder about which flaws to exploit." [FP039] (See: honey pot.)
[RFC4949:2007]
Site leurre simulant un
site de production configuré avec une sécurité moyenne ou minime. Le but est
d'attirer les pirates informatiques afin de les détourner du véritable site de
production mais aussi dans le but d'analyser leurs techniques d'intrusion et de
découvrir les nouvelles tendances en la matière afin d'optimiser et d'adapter
les mécanismes de protection.
http://www.cases.public.lu/functions/glossaire/