ANALYSIS OF THE USE OF SOFTWARE BAITS (HONEYPOTS) AS A MEANS OF ENSURING INFORMATION SECURITY

This article analyses the usage of software baits as an information security asset. They provided close research about honeypot types, their advantages and disadvantages, possible security breaches, configuration and overall system effectiveness. Often, the entire electronic business of the organization is at stake, and even with the most reliable system of protection, a one-hundred-per cent guarantee of invulnerability of internal company data will not be given in principle. Depending on the goals pursued by the software lure, it can have various configuration parameters, ranging from software levels that do not require large settings and ending with complex hardware complexes. Depending on the level of complexity of the bait and its capabilities, they can be classified into three groups: weak, medium, and strong levels of interaction. In addition to the purely practical application of Honeypot, described above, no less important is the other side of the issue - research. Unfortunately, one of the most pressing problems for security professionals is the lack of information. Who threatens, why they attack, how and by what means they use - these questions very often do not have a clear answer. Informed means are armed, but in the world of security such information is not enough - there are no data sources. This is a very rare scenario, as no one can even theoretically allow the possibility of using a trap as a starting point to attack other objects. If you allow Honeypot to connect to remote hosts, an attacker could attack other systems using the trap's IP address as the source of the attack, which would cause serious legal issues. This possibility may be prohibited or controlled, but if it is prohibited, it may seem suspicious to the attacker, and if it exists but is controlled, the attacker may assess the restrictions or prohibited requests based on the information received, conclude that the attacked object is a trap.