5-4 Flashcards
a software honeypot solution. comprised of a dedicated pc with the _________ program running. can emulate the major internet protocols thus appearing to be a fully functional server
Specter
specter works by runnning a number of _________ common to a network serers
services
specter logs all trafficto the server for analysis. user can set it up in one of 5 modes
open secure failing strange aggressive
on this mode the system behaves lika a badly configured server in terms of security. the downside of this mode is that you are most likely to attract and catch the least skillful hacker
Specter open mode
this mode had the system behaving like secure server
Specter secure mode
this mode is interesting in that it causes the system to behave like a server with various hardware and software problems. this might attract some hakers because such a system is likely to be vulnerable
Specter failing mode
in this mode the system behaves in unpredictable ways. this sort of behavior is likely to attract the attention of a more talented hacker and perhaps cause her tostay online longer to figure out what is going on. the longer the hacker stays connected the better the chance of tracing her.
Specter strange mode
this mode causesthe system to actively try and trace back the intruder and derive his identity. this mode is most useful for catching the intruder.
aggrassive
5 ways to configure fake passsword file in specter
easy normal hard fun warning
the first symantec product was a ________
decoy server
this product simulated being a real server by simulating many server functions such as incoming and outgoing traffic
symantec decoy server
the decoy server serves as a honeypot and an __________
IDS
an atempt is made to attract the intruder to a subsystem set up for the purpose of obvseving him
intrusion deflection
involves simply trying to make the system seem like a less palatable taget
intrusion deterrence
