IT Security instantly becomes an issue for anyone who connects their system to the Internet, either via a corporate network, an Internet Service Provider (ISP) from home or wireless device that can be used virtually anywhere when there are wireless access points. Security threats range from hacking intrusions, denial of service attacks to computer worms, viruses and more.
We must understand that intrusion to a network or system can never be eliminated but however, can be reduced. Computer crimes are always increasing. Countermeasures are developed to detect or prevent attacks – most of these measures are based on known facts, known attack patterns – as in the military, it is important to know who your enemy is, what kind of strategy he uses, what tools he utilizes and what he is aiming for – by knowing attack strategies, countermeasures can be improved and vulnerabilities can be fixed. Security activities range from keeping intruders out of the network or system, preventing the interception of information sent via the Internet to limiting the spread of and damage caused by computer viruses.
Most security professionals understand that the three concepts in IT Security are prevention, detection and respond whereby there is no end-to-end security equipment or solution that can cover two or all the concepts. For example, firewalls and anti-virus would fall under prevention, intrusion detection system and vulnerability scanners under detection and incident response teams would come under respond.
Comprehensive security solutions include a mixture of software and hardware components. But however, honeypots fall under two main categories, Detection and Respond. Honeypots have a primary goal, which is to collect as much information as possible on the attack. The honeypot should operate in stealth mode so that the attacker would not know of its presence, as such, the information gathered would give the defenders a considerable advantage to protect and prevent attacks on the production systems.