Data Collection - Page 7 - Results from #6 | LinuxSecurity.com

Advisories

Feature Articles

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

Discover LinuxSecurity Features

Know The Enemy: Upgrade Your Threat Detection Strategy with Honeynets - Data Collection

Article Index

Know The Enemy: Upgrade Your Threat Detection Strategy with Honeynets - Data Collection

Data Collection

Data Control and Data Capture are two requirements for Honeynet technologies. Any time an organization deploys a Honeynet, it is critical to ensure that these standards are met. Data Collection is different in that  it is optional. Data Collection is the aggregation of data from multiple Honeynets to a centralized point. Its purpose is to exponentially increase the value of information collected. Most organizations deploy only a single Honeynet, so Data Collection does not apply. However, some organizations deploy multiple Honeynets. In these cases, there needs to be a standard for Data Collection. 

When part of a distributed environment, each Honeynet is assigned a unique identifier. Data sent by each Honeynet to a central location is tagged with the unique identifier. This data is then forwarded by each Honeynet to the single data collection point.

Comments (0)

There are no comments posted here yet

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.