Information-Gathering and Alerting Capabilities

Specter's detection and information gathering fall into three core areas. The first is alerting: notifying an organization when the honeypot has detected activity. Specter has excellent notification functionality, providing effective and reliable information in real time. The second is reviewing the captured information after being notified. Specter supports several logging methods, including Log Analyzer, a separate application used to analyze the logged activity stored locally on the honeypot. The third is intelligence gathering, a unique function in which the honeypot actively gathers information about an attacker.

In the beginning of this chapter we demonstrated ...
