Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
SolarWinds MSP
  • Products
    • SolarWinds N-central Automate what you need. Tackle complex networks. Try this remote monitoring and management solution built to help maximize efficiency and scale.
    • SolarWinds RMM Start fast. Grow at your own pace. Try this powerful but simple remote monitoring and management solution.
    • SolarWinds EDR Defend against ransomware, zero-day attacks, and evolving online threats with Endpoint Detection and Response
    • SolarWinds Backup Manage data protection for servers, workstations applications, documents and Microsoft 365 from one SaaS dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • Password Management Easily adopt and demonstrate best practice password and documentation management workflows.
      • Passportal Demo
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking for...

    • Security Solutions
    • Monitoring Solutions
    • Efficiency Solutions
  • Resources
    • Blog
    • Webcasts & Events
    • Ask the N-central Experts
    • Daily Live Demos
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webcasts
    • Resource Center
    • COVID-19 Resources
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute Webinar Series
    • MSP Advice Project
  • About
    • Contact
    • Customer Success
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
      • COVID-19 Response
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • IT Departments
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Passportal
    • SolarWinds N-central
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
  • Request a Quote
  • Try Now
    • SolarWinds RMM
    • SolarWinds N-central
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Passportal
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Request quote
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Security Honeypotting Security and Network Considerations
Security

Honeypotting Security and Network Considerations

By SolarWinds MSP
30 August, 2019

The primary purpose of cybersecurity infrastructure is to keep attackers out. Firewalls, antivirus programs, and authentication techniques all help prevent hackers from penetrating your systems. But some IT infrastructure is meant to be broken into. Known as a honeypot, managed services providers (MSPs) and IT administrators occasionally employ decoy sites explicitly designed to attract hackers. The information gathered when hackers are lured in helps understand their motivation and behavior, as well as inform how they might be more effectively repelled in the future. 

In this article, we’ll examine honeypot security and how it can be deployed to protect your customers. 

What is a honeypot in network security?

If you watch police shows, you’re probably familiar with the idea of a sting operation, where law enforcement officers go undercover and try to entice a suspected criminal to sell them illegal goods or services. If the target takes the bait and agrees to a sale, the police pull out their badges and arrest the perpetrator. 

Honeypotting security works using the same principle. In honeypot computing, cybersecurity experts will create a fake system—called a honeypot—to attract malicious hackers. Just like a pot of honey is irresistible to Winnie the Pooh, honeypot technology is meant to entice hackers by being easy to penetrate and appearing to contain desirable information. A honeypot is most successful when it mimics an actual target and has applications and data that appear to be a real system. 

Why would system administrators purposefully invite black-hat hackers in? The honeypot technique is valuable for learning about the cybersecurity threats an organization faces and how they work. A well-designed network honeypot can reveal where attackers are coming from, what information they’re interested in stealing, and which techniques they use. Honeypotting can also be used to deflect attacks from actual targets. 

Of course, honeypotting is a dangerous game. If your honeypot IT setup is linked to real systems or sensitive data, the results could be disastrous. That’s why it’s essential for a honeypot to be completely separate from an organization’s other infrastructure. Honeypots are often run on virtual machines so they can be easily reset after an attack. The trick is to design a honeypot that’s indistinguishable from a genuine system. 

CTA Image

Advanced Threat Detection and Monitoring

Contact A SolarWinds Threat Monitor Solution Specialist today.

Contact Sales Learn More

What is a honeypot attack?

An attack occurs when hackers find a honeypot and make their way in. For honeypot network security to be successful, the honeypot must attract attacks. As an example, Symantec created an internet of things (IoT) honeypot architecture in 2015 to draw in hackers of connected consumer devices like routers, cameras, and video recorders. As the attacks poured in, the company discovered a great deal about hackers that target IoT devices. Based on IP addresses, they found that the attacks most commonly originated from China, the United States, Russia, Germany, and Vietnam. They also learned the passwords that hackers tried to use—"admin" and "123456" were the top attempts. 

Honeypots come in two main varieties: production and research. A production honeypot is placed within an organization’s production network to learn the identity of potential hackers. Mainly utilized by corporations, production honeypots are relatively simple to deploy but only reveal limited information. Research honeypots, by contrast, are standalone systems designed from the ground up to entice attackers. They are complex to design, but provide more information on black-hat hackers. Used to identify emerging, widespread threats, research honeypots are developed in academia, military organizations, and governments. 

What is the difference between a honeypot and a honeynet?

Whereas a honeypot is a single entity, a honeynet is two or more honeypots on the same network. Honeypot networking is typically implemented as part of a larger network intrusion detection system. Honeynets are used on large, complex networks where just one honeypot would not be enough. 

An email trap is another form of honeypot cybersecurity. This is an email address expressly designed to attract spam messages. Email traps can reveal where spammers find their targets and identify spam email addresses to be blacklisted and blocked.

Ensure you're always protected from outside attacks by reading through our blog for other common IT threats.

 

Additional reading

Building a Hacker-Resilient Network
The Changing Face of Cybercrime—Know Your Enemy
Hacker Ransoms - Don't be Next!

You might also like...

Security

Do Your Vendors Take Security Seriously? 
Mail

What Is DMARC Email Security and How Do You Implement It?
Security

September 2020 Patch Tuesday—A Higher Count of Critical Vulnerabilities
Mail

How to Tell If You Have Efficient Email Threat Protection
Mail

Top Outbound Email Security Best Practices for Your Company
Backup & Disaster Recovery

Five Hidden Security Risks You May Find with Traditional Backup Mechanisms

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts

  • Could Your MSP Be Growing More Quickly? 
  • Partnering for Growth: Strong Defenses, Solid MSP Partnerships
  • Backup Monitoring: Part 6—Securing Your Backup Devices
  • Monitoring Network Devices Using Automation in N-central
  • Remote Support Software: Key Features Checklist

Categories:

  • Security (435)
  • Business Growth (427)
  • Tips & Advice (334)
  • Managed Services (308)
  • Best Practices (248)
  • Business (216)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (145)
  • IT Support (111)
  • ITSM (78)
  • The Head Nerds (72)
  • Mail (70)
  • Data (64)
  • Product (63)
  • Cloud Computing (61)
  • Marketing (57)
  • Remote Management (42)
  • Networking (41)
  • Operations (41)
  • Automation (38)
  • Risk Intelligence (31)
  • Customer Service (29)
  • GDPR (17)
  • Services & Support (17)
  • Service Desk (15)
  • PSA (15)
  • Research & Trends (14)
  • Business Risk (12)
  • Internet of Things (12)
  • Mobile (11)
  • Training (11)
  • Security-series (8)
  • Cybersecurity Awareness Month (6)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

Products
  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds EDR
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Passportal
  • All Products Use Cases
Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • SolarWinds
  • SolarWinds Trust Center
  • COVID-19 Response
Support
  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.