HoneyPoint: Honeypot for Windows, Linux or Mac

HoneyPoint Security Server combines multiplatform support, unique features, and limitations

Roger A. Grimes (InfoWorld)
18 November, 2010 05:47
Comments

After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.

HoneyPoint's sensors, called HPoints, consist of HoneyPoints and HornetPoints. HoneyPoints are traditional honeypots with fake listening services and banners. HornetPoints are HoneyPoints that actively try to slow down malware and malicious hacking tools using defensive fuzzing, which is otherwise known as "tarpitting" in the computer security world. HoneyPoints and HornetPoints connect back to a centralized HoneyPoint Security Console; the data sent from the HPoints is encrypted to the console using 128-bit Blowfish.

Additionally, MicroSolved offers HoneyPoint Trojans and HoneyBees. HoneyPoint Trojans are red herring binary programs (custom created by MicroSolved when requested by the customer) that an attacker might be tricked into executing; the Trojan then connects back to the console, alerting the admin to the presence and location of the attacker. HoneyBees are programs that simulate unencrypted POP3 and HTTP connections, in order to create bogus authentication traffic that an attacker might sniff.

These are slightly interesting features, but they are useful only in certain scenarios: when the attacker has installed sniffers; when the sniffer is operating on the right network connections or the attacker has disabled the switched segments; or when the attacker is looking for POP3 or HTTP traffic. In short, they rely on a number of contingencies.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

More about: etwork, Linux

References show all

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"Wow! Great progress! Go NBNCo! Ummm... How many of those 7300 satellite ..."

NBN build gaining momentum daily: Quigley
"Very first time commenter on Face Time - Interview with John Brennan ..."

Face Time - Interview with John Brennan and Robert DiStefano
"When someone writes an piece of writing he/she keeps the idea of ..."

Monday Grok: Will Siri crack the walls of GOOG?
"Truly no matter if someone doesn't be aware of after that its ..."

Face Time - Interview with John Brennan and Robert DiStefano
"I read this post completely about the resemblance of latest and previous ..."

Face Time - Interview with John Brennan and Robert DiStefano

Tags: desktop pcs, freemium, hardware systems, insider threat, intrusion, Intrusion detection and prevention, Mac, malware, MicroSolved, operating systems, security, Security Central, software, Windows

Latest Blog Posts

Whitepapers

Award-winning unified information security from Clearswift.
Fully integrated web and email gateway security solution, providing - protection from inbound threats, policy based encryption, and data loss prevention.

Learn more »
IDC Whitepaper: Generating Proven Business Value with EMC Next-Generation Backup and Recovery
IDC interviewd ten companies that have deployed EMC backup and recovery solutions, including EMC Data Domain and EMC Avamar. Some of the customers also had EMC NetWorker. The purpose was to identify and quantify the resulting business value of each project, in order to calculate a cumulative return on investment. Read on.

Learn more »
Getting real about Virtual Backup and Recovery
Virtualisation continues to grow in popularity with real implications when it comes to backup and disaster recovery. Acronis compiles an annual survey of worldwide confidence in backup and disaster recovery. This year the survey has also thrown up a number of key global findings some of which are discussed further in this whitepaper, where we look at the continued spread of virtualisation, the implications in terms of backup and recovery.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Case Study: Keeping information on the move: Clearswift protects Maman, the logistics experts

Time is money. Every minute a consignment is held up in transit costs money and causes problems. Web and email are mission critical business tools that enable Maman, and their ...

Recent comments

"Wow! Great progress! Go NBNCo! Ummm... How many of those 7300 satellite ..."
NBN build gaining momentum daily: Quigley
"Very first time commenter on Face Time - Interview with John Brennan ..."
Face Time - Interview with John Brennan and Robert DiStefano
"When someone writes an piece of writing he/she keeps the idea of ..."
Monday Grok: Will Siri crack the walls of GOOG?
"Truly no matter if someone doesn't be aware of after that its ..."
Face Time - Interview with John Brennan and Robert DiStefano
"I read this post completely about the resemblance of latest and previous ..."
Face Time - Interview with John Brennan and Robert DiStefano

Follow CIO

Market Place

Gartner Security & Risk Management Summit, 16-17 July 2012, Sydney

Cyber Security Summit 2012 | 1-3 August | Save $150 using promo code CSO | Check out agenda today

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

HoneyPoint: Honeypot for Windows, Linux or Mac

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

How to create a clear project plan

5 open source billing systems to watch

10 Tips for Dealing with a Bully Boss

CIO challenge with BYOD: Don't fall down the rabbit hole

Face Time - Interview with John Brennan and Robert DiStefano

All Systems Down

IT service management going social

Survey: Over 97 per cent of enterprise tablet users got an iPad in Q1

Judge throws out mass John Doe porn copyright lawsuits

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Case Study: Keeping information on the move: Clearswift protects Maman, the logistics experts

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012