Sentinel Guard - Use to build up Honey Net with ZERO cost
Over the past few years, people have always talked excitedly about honeypot technology, all kinds of honeypot is emerge in endlessly, open source, commercial, low interactive, highly interactive, and so on, under normal circumstances, the general enterprise to the requirement of the honeypot actually is not high, and its essence require expensive deployment cost and not easy deployment, in companies with large network, the difficuty is also on the system operations of honeypot depens on the nubmer of honeypots you deployed; In addition, the number of honeypot probes in the internal network also determines the detection node distribution degree, and the distribution degree also determines the sensitivity of the transverse movement detection points in the internal network. Deployment is almost impossible to trigger without it. So is there a convenient and rapidly deployable internal honeypot solution? Of course, money is not a matter, exactly, I belong to the kind of moneyless. What do you do without money but talks security? Nothing except yourself! Therefore, based on Powershell script and Windows environment, I set up a sentinel guards to build up a honeynet with a pure ZERO cost , so as to realize whole-domain Windows host honeynet monitoring. In the most extreme, one-key whole-domain honeynet scheme can be realized simplely and quickly. What else do you still want under 0 cost? 0成本还要什么自行车?
哨兵 – 如何0成本搭建企业蜜网
三步一岗,五步一哨,让你在内网中无计可施,麻麻再也不用担心我的内网了!
蜜网技术实质上仍是一种蜜罐技术,是一种对攻击者进行欺骗的技术,通过布置一些作为诱饵的主机、网络服务以及信息,诱使攻击者对他们进行攻击,减少对实际系统所造成的安全威胁。但与传统的蜜罐技术的差异在于,蜜网构成了一个黑客诱捕网络体系架构,在这个架构中,可以包含一个或多个蜜罐,同时保证网络的高度可控性,以及提供多种工具以方便对攻击信息的采集和分析。