Skip to main content

Explain Advantages and Disadvantages of honeypot


As we have already discussed about honeypot in our last blog and here we are going to discuss about advantages and disadvantages of the honeypot, before we start if you have not gone through our last blog then click here and go through What is honeypot?



Advantages of honeypot:


  • Honeypots collect data from actual attacks and other unauthorized activities, providing analysts with a rich source of useful information.

  • Acts as a rich source of information and helps collect real-time data.

  • Identifies malicious activity even if encryption is used.

  • Wastes hackers’ time and resources.

  • Improves security.Ordinary cybersecurity detection technologies generate alerts that can include a significant volume of false positives, but honeypots reduce this volume because there is no reason for legitimate users to access them.

  • Honeypots can be good investments because they do not require high-performance resources to process large volumes of network traffic looking for attacks, because they only interact with malicious activities.

  • Honeypots capture malicious activity, even if an attacker is using encryption.



Disadvantages of honeypot:


  • Honeypots only collect information when an attack occurs. Zero attempts to access the honeypot means there is no data to analyze.

  • Being distinguishable from production systems, it can be easily identified by experienced attackers.

  • Having a narrow field of view, it can only identify direct attacks.

  • A honeypot once attacked can be used to attack other systems.

  • Fingerprinting(an attacker can identify the true identity of a honeypot ).

  • Malicious traffic that has been captured is only collected when an attack targets the honeypot network; if attackers suspect a network is a honeypot, they will avoid it.

  • Honeypots are often distinguishable from legitimate production systems, which means experienced hackers can often differentiate a production system from a honeypot system using system fingerprinting techniques.



Labels:

Comments

Post a Comment

Popular posts from this blog

What is STP? - Explain Advantages and Disadvantages

The Spanning Tree Protocol is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. STP is a protocol. It actively monitors all links of the network. To finds a redundant link, it uses an algorithm, known as the STA (spanning-tree algorithm). The STA algorithm first creates a topology database then it finds and disables the redundant links. Once redundant links are disabled, only the STP-chosen links remain active. If a new link is added or an existing link is removed, the STP re-runs the STA algorithm and re-adjusts all links to reflect the change. STP (Spanning Tree Protocol) automatically removes layer 2 switching loops by shutting down the redundant links. A redundant link is an additional link between two switches. A redundant link is usually created for backup purposes. Just like every coin has two sides, a redundant link, along with
5 comments
Read more

What are the Advantages and Disadvantages of TCP/UDP ?? Difference between TCP and UDP

As in previous blog we have define and explain about what is TCP and UDP and from now we are moving ahead with Advantages, Disadvantages and Difference of TCP and UDP but for this you have to know about TCP and UDP hence to understand it go for a What is TCP and UDP . Advantage of TCP Here, are pros/benefits of TCP: It helps you to establish/set up a connection between different types of computers. It operates independently of the operating system. It supports many routing-protocols. It enables the internetworking between the organizations. TCP/IP model has a highly scalable client-server architecture. It can be operated independently. Supports several routing protocols. It can be used to establish a connection between two computers. Disadvantages of TCP Here, are disadvantage of using TCP: TCP never conclude a transmission without all data in motion being explicitly asked. You can't use for broadcast or multicast transmission. TCP has no block boundaries, so you
Post a Comment
Read more