Summary

Traps and deceptive measures appear to be real systems, services, applications, environments, and so on, but they are not. Deceptive measures are intended to provide false information to attackers and mislead them so that they do not focus their attacks on real systems and the network.

A trap is supposed to make an attacker stay in one place so that data concerning the attacker’s actions can be gathered. Major types of traps and deceptive measures include honeypots (computers designed to lure attackers), automated messages (messages sent to a user when usage of a system or application appears to be unauthorized or anomalous), trojaned commands (commands that provide misinformation), jail environments, and special shell environments ...
