Unit 7: Detection and Prevention 7.1 Detection and Prevention Honeypots and Deception Software

mac2022-06-30  25

Imagine a server with lots of PII (Personally Identifiable Information). Imagine passwords stored in plaintext, credit card numbers, addresses, and even healthcare-related information.


Imagine the administrators deliberately not putting any form of cybersecurity on the server.


What is this, a bad dream?


No, this is by design.


A server like this is called a honeypot.


A network of these machines is called a honeynet.


Decoy systems are deployed on networks, designed to lure potential attackers away from critical systems.


This also allows security specialists to collect information about attackers' activities.


Typically these honeypots encourage attackers to stay on the system long enough for administrators to document and respond to the attack.


It also allows administrators to refine the firewall rules based on observed attacker behaviors.
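One way to turn honeypot observations into firewall rule candidates for an administrator to review, as an added example that is not part of the original lesson. The log format, the allowlist, the event threshold, and the nftables `inet filter input` table and chain are assumptions; the log lines are constructed and use documentation address ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed sample; the "<timestamp> <source IP> <port> <event>" format is assumed.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 203.0.113.7 22 login_attempt
2024-05-01T10:00:03Z 203.0.113.7 22 login_attempt
2024-05-01T10:00:09Z 203.0.113.7 3389 connect
2024-05-01T10:02:11Z 198.51.100.23 445 connect
2024-05-01T10:05:40Z 203.0.113.7 22 login_attempt
2024-05-01T10:06:00Z not-an-ip 22 connect
2024-05-01T10:07:15Z 192.0.2.10 80 connect
"""

ALLOWLIST = {ipaddress.ip_address("192.0.2.10")}  # assumed internal scanner

def parse(log_text):
    """Yield (source_ip, port, event) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _, src, port, event = parts
        try:
            yield ipaddress.ip_address(src), int(port), event
        except ValueError:
            continue  # never build a firewall rule from unvalidated input

def summarize(log_text):
    """Map each non-allowlisted source to its event count and ports touched."""
    seen = defaultdict(lambda: {"events": 0, "ports": set()})
    for src, port, _ in parse(log_text):
        if src in ALLOWLIST:
            continue
        seen[src]["events"] += 1
        seen[src]["ports"].add(port)
    return dict(seen)

def candidate_rules(log_text, min_events=3):
    """Return nftables drop rules for sources with at least min_events hits."""
    rules = []
    ordered = sorted(summarize(log_text).items(), key=lambda kv: (kv[0].version, kv[0]))
    for src, info in ordered:
        if info["events"] >= min_events:
            family = "ip" if src.version == 4 else "ip6"
            rules.append(f"add rule inet filter input {family} saddr {src} drop")
    return rules

if __name__ == "__main__":
    print("\n".join(candidate_rules(SAMPLE_LOG)))
```

The output is a list of candidate rules for human review, not something to load into the firewall automatically, since a honeypot can also be touched by misconfigured internal hosts.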


Deception software is the new wave of honeypots.


These decoys can be centrally managed, made to work with other security software, and run through virtualization.


Intruders can be fooled at many layers, such as network, endpoint, application, and data, with fake browser credentials, decoy workstations, phony files, datasets, and more.


An endpoint might be set up to look like it runs a particular version of Windows when it is really a Linux machine.


This will deceive malware into attacking vulnerabilities the system doesn't have.


A decoy document can be made to look like it contains new product designs or be embedded with a tracking capability that will let the company know when and from where it was opened.


Reposted from: https://www.cnblogs.com/sec875/articles/10420207.html
