What is a Honeypot

A free video tutorial from Alton Hardin | 100,000+ Enrollments Worldwide
Educator. IT & Business Professional. Author. Poker Coach.
Rating: 4.7 out of 5Instructor rating
14 courses
112,720 students
Honeypots

Learn more from the full course

Microsoft Security Fundamentals

Learn the Fundamentals of Information Security for the Windows Operating System

13:05:12 of on-demand video • Updated September 2022

Understand the Fundamentals of Information Security
Learn Windows Operating System Security Fundamentals
Have a Working Understanding of The Many Aspects of IT Security
Be Prepared for More Advanced Information Security Courses
English [Auto]
In this video, we're going to talk about honeypot. So what is a honeypot? Well, here's a diagram of a honeypot. What it is, is that a honeypot is a decoy server or multiple servers, and they're typically placed in a DMZ, which we see down here. We have our firewall, we have our DMZ over here with a honeypot in it, and then our internal network protected on a different interface on the firewall. And the whole purpose of these honey pots being in a DMZ is they're designed to entice malicious users, meaning hackers to attack them rather than our internal network. And so how does this work? Well, they're set up to look just like live production servers. However, the I.T personnel are going to poorly configure them to make them much easier to exploit than our actual production servers. So they're more enticing to attack, they're easier to get into, they're easier to exploit. So why do we use a honeypot? Well, they serve a twofold purpose. The first one, of course, makes sense and it's kind of straightforward is a lure that the hackers away from our real network. So we would much rather have them attack our honeypot than our real production internal network. The second thing is that honeypots allow our i.t personnel to observe and learn how hackers are attacking our system. So we get to learn their methodologies for how they're exploiting weaknesses and vulnerabilities within our systems so we can better secure them. So that's a honeypot. And like I said, they're typically set up within a DMZ that can be an actual physical server. They could be multiple servers, they could be multiple servers that are virtualized within a single physical server. The way in which they're set up is really just going to be dependent upon the organization. But like I said, they're typically set up in their own DMZ off on a different interface on our firewall. And in regards to the role that they play in network isolation, well, they play a role in isolating or at least enticing the attackers to their own isolated portion of the network rather than our internal network. So that's going to conclude our short introduction and overview into Honeypot. So if you have any questions, please let me know. If not, thanks for watching and I'll see you at the next video.