Skip to content

Active defence

Adding active defence we can perhaps slow down adversaries and make hacking our devices and (small) networks more difficult and costly.

  • Honeypots or honeynets can be used to attract attackers, record the actions of adversaries, and alert administrators of breaches.
  • Honeyclients mimic the behaviour of a user-driven network client application, such as a web browser or chat app, while getting attribution on the adversary.
  • Honeyports create a fake listening port on an external facing real but non-important server that are favourite port for remote attacks, like telnet or ssh.

Which one to choose and why? Learning from the inquiry-based choices made by security people in corporations, and the development roadmaps of honeypots, we can make active defence design choices for @home and @NGO contexts.