honeynet
Home > Security Definitions - Honeynet
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

honeynet

Show me everything on Security Testing and Ethical Hacking

DEFINITION - A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets.

In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker.

A virtual honeynet is one that, while appearing to be an entire network, resides on a single server.

Learn more about Security Testing and Ethical Hacking
How security audits, vulnerability assessments and penetration tests differ: A lot of people use the words security audit, vulnerability assessment and penetration test interchangeably. Can you explain the differences between them so I'll know which term to use at the right ...
Ethical hacking techniques for standard penetration testing: I recently did a penetration test for one of our company's partners, only to find out that management had not obtained written permission from the partner for the test to be performed. The partner ...
Information security book excerpts and reviews: Visit the Information Security Bookshelf for book reviews and free chapter downloads.
Screencast: Google hacking, infosec style: In this exclusive screencast step-by-step demo, Tom Bowers explains how to ensure an organization's intellectual property doesn't fall into the wrong hands.
Quiz: What's your infosec IQ?: Test your information security IQ with this short quiz.
The Controversy of Hacking Books and Classes: Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' Gray Hat Hacking.
Crash course: Vulnerability management: Is vulnerability management a measurable and proactive process in your organization? Attend our on-demand webcast, and learn new tactics for managing the vulnerability lifecycle.

LAST UPDATED: 29 May 2007

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- The Honeynet Project Web site offers more information in their article, "Know your enemy: Honeynets."
- SANS Institute provides a document called "Honey Pots and Honey Nets - Security through Deception."
- Richard Salgado outlines some of the legal issues surrounding the use of honeynets.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Could Metasploit popularity erode?
The Metasploit Project, created by researcher H.D. Moore and kept open source since 2003, has been acquired by Rapid7 which has plans to integrate...
Metasploit Project acquired by vulnerability management firm Rapid7
The popular Metasploit Framework remains a free and open source hacking tool. Creator HD Moore joins Rapid7 as CSO, Metasploit architect.
Should management processes change based on a patch release schedule?
Expert Michael Cobb explains why planned patch release schedules, though helpful, may alter they way you handle the deployment of your own updates.

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Cyber Storm  (SearchSecurity.com)
Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) February 6-10, 2006 to evaluate...
ethical hacker  (SearchSecurity.com)




Get More honeynet Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts