SPECTER Intrusion Detection System 7.0
<
What is SPECTER?
SPECTER is a smart honeypot or deception system. It simulates a completemachine, providing an interesting target to lure hackers away from the production machines.
SPECTER offers common Inteet services such as SMTP, FTP, POP3, HTTP andTELNET which appear perfectly normal to the attackers but in fact are trapsfor them to mess around and leave traces without even knowing that they areconnected to a decoy system which does none of the things it appears to dobut instead logs everything and notifies the appropriate people.
Furthermore, SPECTER automatically investigates the attackers while theyare still trying to break in. SPECTER provides massive amounts of decoycontent and it generates decoy programs that will leave hidden marks on theattackers computer. Automated weekly online updates of the honeypots content and vulnerability databases allow the honeypot to change constantly without user interaction.
How does it work?
A SPECTER system consists of a dedicated PC and the SPECTER software. It isconnected to the network where attacks are expected. This usually means toconnect it close to the Inteet access point, typically in the DMZ, but itcan also be connected directly to the Inteet. SPECTER can also be installedon inteal networks to find out about suspicious activities originating from within an organization, or to detect security breaches.
Another interesting possibility is to install SPECTER on a production machinesuch as a mail server. In this scenario, the SMTP service is real while all other network services on the machine are simulated by SPECTER. If an attackerchecks out the machine looking for vulnerabilities, he will very likely connectto one of the simulated services and find what he is looking for.
But while he thinks hes breaking in, he has actually triggered an alert, hesinvestigated, everything he does is logged and at the same time the mail serveris absolutely safe.
What are the main advantages?
Suspicious interest in your network and your computers can be detected immediately.
Administrators are notified of hostile activity right when it happens so they can immediately look at the problem and take action.
By illegally downloading programs and other content from the honeypot machine,attackers put hidden evidence against them on their own computers. This evidencemay be used in court.Detailed logs of the activities provide information about character, skill level and intentions of an attacker and can be valuable evidence for proving the hostile nature of an attackers activities.
Important information about the identity of an attacker can be collected automaticallywhile it is still possible.The system is very easy to set up and configure while providing most sophisticated features. Fully automated online updates of the honeypots content and vulnerability databases allow the honeypot to change constantly without user interaction.
No false alerts as no legitimate user will ever connect to the honeypot.
BUY SPECTER Intrusion Detection System 7.0 40$
TAGS\: cheap SPECTER Intrusion Detection System 7.0, oem SPECTER Intrusion Detection System 7.0, discount SPECTER Intrusion Detection System 7.0
No comments:
Post a Comment