Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Send attackers on a wild goose chase with deception technologies

David Geer | Aug. 18, 2015
Deception is an information security approach for identifying and changing attacker behavior, tying up his time, and sending him packing.

The Artillery tool (Port Spoof, which is also part of ADHD is a similar tool) is a port spoofing tool that will fool an attacker into thinking that every port is open and that something worthy of attack is waiting there. It confuses the attacker, which makes them take longer. In the meantime, the enterprise has more time to detect and learn about the attacker. "Artillery will eventually actively shun an attacker," says Strand. But it's not going to shun you arbitrarily, instead setting a threshold that you must meet.

The WebLabyrinth tool works on the assumption that cyber criminals will crawl your website to identify web pages and input fields for exploitation. "WebLabyrinth serves up a whole bunch of fake pages to the bad guy. So whenever they're trying to crawl the website, their crawling tool just crawls infinitely. It'll never finish. That forces the bad guy to manually crawl the website instead of trying to use automated tools," says Strand. It can even crash the attacker's system. At that point, he may simply give up and go elsewhere.

The Spidertrap tool, similar to WebLabyrinth feeds attackers a list of sensitive directories, making him think that they all exist on this server, baiting them in all the more, causing them to waste more time, according to Strand.


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.