Honey pots are as follows.... a server that is configured to detect a intruder by mirroring a real production system. It appears as an ordinary server doing work,but all data an transactions are 'phony' located either in or just outside the firewall, the honey pot is used to learn about an intruders techniques and to learn about which parts of the system are vunerable.
there is something you use also with a honey pot trap its called a honey net its a network containing honey pots a virtual honeynet resides in a single server but pretends to be a whole server
i have also found out there are two types of honey pot
production honeypots- these are easy to use and capture only limited infothey are mainly used by companys and corparations
research honeypots- these are complex to deploy and maintain these capture alot of info and are mainly used by reasearch companies,military or goverment organisations
Saturday, 27 March 2010
Wednesday, 24 March 2010
Intro to my chosen topic
I have chosen to research honey pot traps.
i am going to try find out about what a honey pot trap is, who would use this and why you would need to use it.
i am going to try find out about what a honey pot trap is, who would use this and why you would need to use it.
Thursday, 11 March 2010
proxy servers and firewalls
a proxy server is acts like a middle man, a client connect to a proxy server and give access into the different sites as to the filtering rules.
the potential puropses of proxy servers are as follows..
to apply access policy like block certain websites eg in a workplace
to create a log of internet use in a company
Firewalls
a technological barrier designed to prevent unautherized or unwanted communication between sections or a computer network.firewalls can be used in software and hardware
there are several types of firewall techniques... packet filter, aplication gateway, circut level gateway, proxy server.
the potential puropses of proxy servers are as follows..
to apply access policy like block certain websites eg in a workplace
to create a log of internet use in a company
Firewalls
a technological barrier designed to prevent unautherized or unwanted communication between sections or a computer network.firewalls can be used in software and hardware
there are several types of firewall techniques... packet filter, aplication gateway, circut level gateway, proxy server.
Wednesday, 3 March 2010
secure sockets
secure sockets..
each SSL certificates has a public and private key. when a website wants to connect to a domain a secure sockets layer authenticates the server and client, an encryption method is made and secure transmission can begin.
each SSL certificates has a public and private key. when a website wants to connect to a domain a secure sockets layer authenticates the server and client, an encryption method is made and secure transmission can begin.
Digital signatures and certificates...
a digital signature is basically a way to ensure that an electronic document is authentic it has not been tampered with. digital signatures rely on certain types of encryption to make sure that it is real.
a digital certificate is to do a public key encryption on a very large scale, it is basically a bit of information to say that the website is safe to use and trusted by an independant source called the Certificate Authority, it acts as a middle man that both parties can trust it shows that each computer knows who each other is then provides public keys to each other.
Public key
public key encryption is concidered very secure as it does not require a shared key between the sender and reciever. a "key" is a small piece of text code that triggers an algorithm to encode or decode text.
a digital signature is basically a way to ensure that an electronic document is authentic it has not been tampered with. digital signatures rely on certain types of encryption to make sure that it is real.
a digital certificate is to do a public key encryption on a very large scale, it is basically a bit of information to say that the website is safe to use and trusted by an independant source called the Certificate Authority, it acts as a middle man that both parties can trust it shows that each computer knows who each other is then provides public keys to each other.
Public key
public key encryption is concidered very secure as it does not require a shared key between the sender and reciever. a "key" is a small piece of text code that triggers an algorithm to encode or decode text.
Encryption Algorithms...
RSA in 1977 this was first proposed by three mathematitions, this system uses the public and private key format. RSA is the most common form of encryption today.
DES the data encryption standard also founded in 1977, it forms the basis for ATM PIN authentication and also UNIX password encryption, due to recent advances some people think that DES in no longer a safe against all attacks so there has been a stronger standard come out called 3DES, triple DES encrypts three times and uses a different key for at least one of the passes giving it a key size of 122-168 bits.
Blowfish is a symmetric block cypher takes a variable length key from 32 bits to 448, Blowfish was designed in 1993 as free alternative.
IDEA International Data Encryption Algorithm was developed in switzerland in to 1990's it uses the same key encryption/decryption as the DES but uses 128 bit key making it nearly impossible to crack, it also has hardware chipsets to make it even faster.
RC4 is a cypher containing 2048 bits which is reasonably fast in comparison to some methods, it streams a mixture of random bytes and text, it is useful for a situation where a different key can be used for a message.
RSA in 1977 this was first proposed by three mathematitions, this system uses the public and private key format. RSA is the most common form of encryption today.
DES the data encryption standard also founded in 1977, it forms the basis for ATM PIN authentication and also UNIX password encryption, due to recent advances some people think that DES in no longer a safe against all attacks so there has been a stronger standard come out called 3DES, triple DES encrypts three times and uses a different key for at least one of the passes giving it a key size of 122-168 bits.
Blowfish is a symmetric block cypher takes a variable length key from 32 bits to 448, Blowfish was designed in 1993 as free alternative.
IDEA International Data Encryption Algorithm was developed in switzerland in to 1990's it uses the same key encryption/decryption as the DES but uses 128 bit key making it nearly impossible to crack, it also has hardware chipsets to make it even faster.
RC4 is a cypher containing 2048 bits which is reasonably fast in comparison to some methods, it streams a mixture of random bytes and text, it is useful for a situation where a different key can be used for a message.
Subscribe to:
Comments (Atom)
