IAB Interactive Standardized Equipment List
SEL Number:
05NP-00-HONY
Title:
Honeypot
Last Updated:
11/7/2024 5:44:17 PM
Previous SEL Number:
05NP-00-HONY
Description:
System or software designed to act as a vulnerable decoy, attracting and detecting attackers while gathering data on their tactics, techniques, and behavior.
Important Features:
May be dedicated appliances or virtual machine images.
Most honeypot solutions can emulate a variety of vulnerable network services.
Operating Considerations:
Recommended only for organizations with a professional IT staff and substantial network infrastructure, as part of a risk management plan.
All honeypot activity must be closely monitored to maximize value.
Many solutions have known network fingerprints and could be easily detected by attackers.
If not configured properly, some honeypots may be used as pivot points by attackers, creating additional vulnerability.
Training Requirements:
Per Manufacturer's recommendations.
Initial Training: Moderate (1-2 days)
Sustainment Training: Minimal (<1 day)
Mandatory Standards:
Applicable Standards and References:
NIST SP 800-036, Guide to Selecting Information Security Products, Oct 2003 (WITHDRAWN, still available.)
NIST SP 800-094, Guide to Intrusion Detection and Prevention Systems (IDPS), Feb 2007
NIST SP 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations, Sep 2011