Dynamic Port Honeypot Overview
What is Dynamic Port Honeypot?
The dynamic port honeypot function is a deception trap. It uses a real port as a bait port to induce attackers to access the network. In the horizontal penetration scenario, the function can effectively detect attackers' scanning, identify faulty servers, and protect real resources of the user.
You can enable the dynamic port honeypot using recommended ports or user-defined ports to deceive compromised servers and reduce the risk of resources intrusion. Figure 1 shows how the dynamic port honeypot works.
How Do I Use Dynamic Port Honeypot?
Figure 2 shows the process of using the dynamic port honeypot.
|
Operation |
Description |
|---|---|
|
Enable the server port of dynamic port function, configure the source IP address whitelist, and bind the protected server. |
|
|
The dynamic port honeypot function reports an alarm when a potentially compromised server proactively connects to a honeypot port. You can handle the alarm based on service requirements. |
Constraints and Limitations
To use the dynamic port honeypot, the following conditions must be met:
- No EIPs have been bound to the server.
- The HSS premium, WTP, or container edition has been enabled for your servers. For more information, see Purchasing an HSS Quota and Upgrading Your Edition.
- The server agent version falls within the following scope and the agent is online. For more information, see Upgrading the Agent.
- Linux: 3.2.10 or later.
- Windows: 4.0.22 or later.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
