Architecture
A client honeypot is composed of three components. The first component, a queuer, is responsible for creating a list of servers for the client to visit. This list can be created, for example, through crawling. The second component is the client itself, which is able to make a requests to servers identified by the queuer. After the interaction with the server has taken place, the third component, an analysis engine, is responsible for determining whether an attack has taken place on the client honeypot.
In addition to these components, client honeypots are usually equipped with some sort of containment strategy to prevent successful attacks from spreading beyond the client honeypot. This is usually achieved through the use of firewalls and virtual machine sandboxes.
Analogous to traditional server honeypots, client honeypots are mainly classified by their interaction level: high or low; which denotes the level of functional interaction the server can utilize on the client honeypot. In addition to this there are also newly hybrid approaches which denotes the usage of both high and low interaction detection techniques.
Read more about this topic: Client Honeypot
Famous quotes containing the word architecture:
“They can do without architecture who have no olives nor wines in the cellar.”
—Henry David Thoreau (1817–1862)
“All architecture is great architecture after sunset; perhaps architecture is really a nocturnal art, like the art of fireworks.”
—Gilbert Keith Chesterton (1874–1936)
“No architecture is so haughty as that which is simple.”
—John Ruskin (1819–1900)