What is a Honeypot

Alton Hardin | 100,000+ Enrollments Worldwide
A free video tutorial from Alton Hardin | 100,000+ Enrollments Worldwide
Educator. IT & Business Professional. Author. Poker Coach.
4.7 instructor rating • 16 courses • 105,784 students

Lecture description

Learn more from the full course

MTA 98-367 Security Fundamentals Class & Exam Prep Bundle

Everything you need to pass the Microsoft MTA 98-367 exam on your 1st attempt, includes 2 full-length practice exams!

16:13:02 of on-demand video • Updated June 2022

  • This is a complete and comprehensive Microsoft MTA 98-367 Security Fundamentals Certification course and practice exams bundle. It’s designed to prepare you to be able to take and pass the certification exam needed to become Microsoft MTA 98-367 Certified.
  • Once you complete the course, you’ll have the knowledge and confidence to pass the Microsoft MTA 98-367 Security Fundamentals Certification exam AND the skills to begin working as an IT professional. This course is ideal as both a study tool and an on-the-job reference.
  • Your new skills and the Microsoft MTA 98-367 Certified will help you land an IT tech job or if you’re already working in IT, get a raise or advance in your career.
English [Auto] In this video, we're going to talk about honeypot. So what is a honeypot? Well, here's a diagram of a honeypot. What it is, is that a honeypot is a decoy server or multiple servers, and they're typically placed in a DMZ, which we see down here. We have our firewall, we have our DMZ over here with a honeypot in it, and then our internal network protected on a different interface on the firewall. And the whole purpose of these honey pots being in a DMZ is they're designed to entice malicious users, meaning hackers to attack them rather than our internal network. And so how does this work? Well, they're set up to look just like live production servers. However, the I.T personnel are going to poorly configure them to make them much easier to exploit than our actual production servers. So they're more enticing to attack, they're easier to get into, they're easier to exploit. So why do we use a honeypot? Well, they serve a twofold purpose. The first one, of course, makes sense and it's kind of straightforward is a lure that the hackers away from our real network. So we would much rather have them attack our honeypot than our real production internal network. The second thing is that honeypots allow our i.t personnel to observe and learn how hackers are attacking our system. So we get to learn their methodologies for how they're exploiting weaknesses and vulnerabilities within our systems so we can better secure them. So that's a honeypot. And like I said, they're typically set up within a DMZ that can be an actual physical server. They could be multiple servers, they could be multiple servers that are virtualized within a single physical server. The way in which they're set up is really just going to be dependent upon the organization. But like I said, they're typically set up in their own DMZ off on a different interface on our firewall. And in regards to the role that they play in network isolation, well, they play a role in isolating or at least enticing the attackers to their own isolated portion of the network rather than our internal network. So that's going to conclude our short introduction and overview into Honeypot. So if you have any questions, please let me know. If not, thanks for watching and I'll see you at the next video.