Read Reverse Deception: Organized Cyber Threat Counter-Exploitation Online
Authors: Sean Bodmer
Tags: #General, #security, #Computers
Temporary folders
Internet cache
Organizational documents
User personal files and folders, including personal information, personal education information, and industry information
Numerous types of files should be on any given system within user folders:
Professional
Personal
Education
Network or Organizational
The following are network or organizational considerations:
How do you ensure your honeypot looks like the production asset one IP address over?
How do you introduce bait systems on a network to entice an attacker into that area?
The following are of more concern when addressing government networks:
They do not change often.
All systems typically have a long paper trail.
Regular maintenance is required on every system.
Realism
The following are important to make your honeypot look real:
Ensure IP addressing matches participant/customer IP schema.
Ensure the honeypot computer names match the host system schema.