This thesis focuses on the topic of honeypots technology and their use for network
attacks monitoring. It theoretically analyzes the honeypots and their variants honeynet and
honeytoken. The practical part describes how to deploy two open source solutions of
honeypot, Kippo and Dionaea.
Kippo honeypot can be classified, despite its limitations, as a high interactive
honeypot. This solution emulates the SSH service and it is primarily intended for the detection
and capture of brute force attacks on the service.
Dionaea is a honeypot designed primarily for capturing malware. It aims to capture
malware in the trap using the vulnerabilities of offered and exposed network services with the
aim to obtain a copy of the malware for subsequent analysis.
Data obtained from the real deployment of the proposed solutions are presented and
measures in relation to the SIEM instruments are proposed as well as improved security of the
protected network.
Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:259320 |
Date | January 2016 |
Creators | Krula, Jiří |
Contributors | Vasilenko, Alexandr, Rostislav , Rostislav |
Publisher | Česká zemědělská univerzita v Praze |
Source Sets | Czech ETDs |
Language | Czech |
Detected Language | English |
Type | info:eu-repo/semantics/masterThesis |
Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0015 seconds