Page 133 - Cyber Defense eMagazine for July 2020
P. 133
Fig 3: Screengrab of Crypto’s UI
Security Mechanisms
Honeypot
Luring an unsuspicious attacker into a trap is the singular mechanism that a Honeypot implements.
According to wikipedia, a honeypot is a computer security mechanism set to detect, deflect, or, in some
manner, counteract attempts at unauthorized use of information systems. Creation of honeypot on any
port belies it as a decoy enticing to the attackers, thus enabling prevention or at least deceleration of
attacks to the main system. Logging the honeypot environment for any of the activities performed by
attackers mistaking the honeypot for a real loophole is also implemented to enhance the security policy.
The logs can be sent to the users’ mail or even stored on remote servers such as graylog for future
pattern analysis. Below is a code sample of the honeypot:
@eel.expose
def honeypot():
LHOST = '0.0.0.0'
LPORT = 1024
RHOST = '192.168.29.203'
RPORT = 9000
BANNER = '220 ProFTPD 1.2.8 Server\nName: '
Cyber Defense eMagazine –July 2020 Edition 133
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.