Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
SolarWinds MSP
  • Products
    • Monitoring & Management
    • N-central Automate. Tackle complex networks. Get remote monitoring and management built for efficiency and scale.
    • RMM Start fast. Grow at your own pace. Try this powerful but easy remote monitoring and management solution.
    • Backup
    • Backup Get data protection for servers, workstations, applications, documents, and Microsoft 365 from one dashboard.
    • Security
    • EDR Defend against ransomware, zero-day attacks, and evolving threats with endpoint detection and response.
    • Mail Assure Leverage mail protection and archiving to keep your users safe from email threats and downtime.
    • Passportal Adopt and enforce best practices for password and documentation management with ease.
    • Tools & Services
    • MSP Manager Increase helpdesk efficiency with a robust PSA, ticketing, reporting, and billing management solution.
    • Take Control Help support customers and their devices with remote support tools designed to be fast and powerful.
    • View All
  • Solutions

    Solutions

    • Security Protect your customers and expand your business by offering layered security services without the complexity.
    • Monitoring Choose the right remote monitoring and management solution to meet you where you are and grow with you.
    • Operational Efficiency Boost profits by improving efficiency via automation, resources and training, and time-saving products.
    • IT Departments Keep your organization productive by easily managing IT from a single, easy-to-use, web-based dashboard.
    • Remote Monitoring Solutions Comparison Compare SolarWinds RMM and N-central side by side. Sign up to talk to a specialist to find the right fit.
    • View All
  • Resources
    • Download
    • Resource Library
    • Product Information
    • Free Tools
    • Learn
    • MSP Institute Webinar Series
    • Daily Live Demos
    • MSP Advice Project
    • Ask the N-central Experts
    • Upcoming Webcasts
    • Connect
    • Blog
    • Security Resource Center
    • Events
    • RMM Foundations Training
  • About
    • Company
    • About Us
    • Leadership
    • Careers
    • News & Press
    • Awards & Recognition
    • Support & Policies
    • Customer Success
    • Customer Support
    • Legal
    • Security
    • Get in Touch
    • Contact
    • Get a Quote
    • Worldwide Sales & Support
  • IT Departments
  • Contact Sales
    • Contact Sales
    • General Inquiry
    • Get a Quote
    • Worldwide Sales & Support
    • Talk to Specialist
    • Security Solutions
    • Monitoring Solutions
    • Operational Efficiency
  • Try Now
    • Monitoring & Management
    • N-central
    • RMM
    • Backup
    • Security
    • EDR
    • Mail Assure
    • Passportal
    • Tools & Services
    • MSP Manager
    • Take Control
  • Request a Quote
  • Try Now
    • SolarWinds RMM
    • SolarWinds N-central
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Passportal
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Request quote
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Security Honeypotting Security and Network Considerations
Security

Honeypotting Security and Network Considerations

By SolarWinds MSP
30 August, 2019

The primary purpose of cybersecurity infrastructure is to keep attackers out. Firewalls, antivirus programs, and authentication techniques all help prevent hackers from penetrating your systems. But some IT infrastructure is meant to be broken into. Known as a honeypot, managed services providers (MSPs) and IT administrators occasionally employ decoy sites explicitly designed to attract hackers. The information gathered when hackers are lured in helps understand their motivation and behavior, as well as inform how they might be more effectively repelled in the future. 

In this article, we’ll examine honeypot security and how it can be deployed to protect your customers. 

What is a honeypot in network security?

If you watch police shows, you’re probably familiar with the idea of a sting operation, where law enforcement officers go undercover and try to entice a suspected criminal to sell them illegal goods or services. If the target takes the bait and agrees to a sale, the police pull out their badges and arrest the perpetrator. 

Honeypotting security works using the same principle. In honeypot computing, cybersecurity experts will create a fake system—called a honeypot—to attract malicious hackers. Just like a pot of honey is irresistible to Winnie the Pooh, honeypot technology is meant to entice hackers by being easy to penetrate and appearing to contain desirable information. A honeypot is most successful when it mimics an actual target and has applications and data that appear to be a real system. 

Why would system administrators purposefully invite black-hat hackers in? The honeypot technique is valuable for learning about the cybersecurity threats an organization faces and how they work. A well-designed network honeypot can reveal where attackers are coming from, what information they’re interested in stealing, and which techniques they use. Honeypotting can also be used to deflect attacks from actual targets. 

Of course, honeypotting is a dangerous game. If your honeypot IT setup is linked to real systems or sensitive data, the results could be disastrous. That’s why it’s essential for a honeypot to be completely separate from an organization’s other infrastructure. Honeypots are often run on virtual machines so they can be easily reset after an attack. The trick is to design a honeypot that’s indistinguishable from a genuine system. 

CTA Image

Advanced Threat Detection and Monitoring

Contact A SolarWinds Threat Monitor Solution Specialist today.

Contact Sales Learn More

What is a honeypot attack?

An attack occurs when hackers find a honeypot and make their way in. For honeypot network security to be successful, the honeypot must attract attacks. As an example, Symantec created an internet of things (IoT) honeypot architecture in 2015 to draw in hackers of connected consumer devices like routers, cameras, and video recorders. As the attacks poured in, the company discovered a great deal about hackers that target IoT devices. Based on IP addresses, they found that the attacks most commonly originated from China, the United States, Russia, Germany, and Vietnam. They also learned the passwords that hackers tried to use—"admin" and "123456" were the top attempts. 

Honeypots come in two main varieties: production and research. A production honeypot is placed within an organization’s production network to learn the identity of potential hackers. Mainly utilized by corporations, production honeypots are relatively simple to deploy but only reveal limited information. Research honeypots, by contrast, are standalone systems designed from the ground up to entice attackers. They are complex to design, but provide more information on black-hat hackers. Used to identify emerging, widespread threats, research honeypots are developed in academia, military organizations, and governments. 

What is the difference between a honeypot and a honeynet?

Whereas a honeypot is a single entity, a honeynet is two or more honeypots on the same network. Honeypot networking is typically implemented as part of a larger network intrusion detection system. Honeynets are used on large, complex networks where just one honeypot would not be enough. 

An email trap is another form of honeypot cybersecurity. This is an email address expressly designed to attract spam messages. Email traps can reveal where spammers find their targets and identify spam email addresses to be blacklisted and blocked.

Ensure you're always protected from outside attacks by reading through our blog for other common IT threats.

 

Additional reading

Building a Hacker-Resilient Network
The Changing Face of Cybercrime—Know Your Enemy
Hacker Ransoms - Don't be Next!
You might also like...
Security

February 2021 Patch Tuesday: Many “Exploitation More Likely” and an update to a Netlogon fix from last year

Security

What Do Auto Racing and EDR Have in Common?

Automation

What the Head Nerds Were Up to in 2020

Security

January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be

Security

December 2020 Patch Tuesday—A quiet(er) finish to a busy year in vulnerabilities

Security

Documentation Management API and Why It’s Important for the MSP Business

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts
  • Three things I learned working for an MSP
  • Earning word-of-mouth referrals for your IT business
  • Backup automation part 1: Deploying backup devices
  • Ultimate Guide: MySQL Backup
  • Most common automation requests and how to solve them: Ep 2
Categories:
  • Security (240)
  • Tips & Advice (130)
  • Best Practices (97)
  • Backup & Disaster Recovery (96)
  • Managed Services (89)
  • The Head Nerds (82)
  • Business Growth (79)
  • IT Support (43)
  • Business (41)
  • Automation (40)
  • Operations (38)
  • Cybersecurity (37)
  • Mail (33)
  • Remote Management (30)
  • ITSM (26)
  • Networking (22)
  • Data (21)
  • Cloud Computing (21)
  • Marketing (15)
  • PSA (13)
  • Product (11)
  • Service Desk (6)
  • Services & Support (5)
  • Mobile (4)
  • Risk Intelligence (4)
  • GDPR (3)
  • Internet of Things (3)
  • Customer Service (3)
  • Research & Trends (2)
  • Training (2)
  • LOGICcards (1)
  • Cybersecurity Awareness Month (1)
  • Business Risk (1)
Show moreless
SolarWinds MSP

Products
  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds EDR
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Passportal
  • All Products Use Cases
Solutions
  • Security Solutions
  • Monitoring Solutions
  • Efficiency Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • SolarWinds
  • SolarWinds Trust Center
  • COVID-19 Response
Support
  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.