Architecture
A client honeypot is composed of three components. The first component, a queuer, is responsible for creating a list of servers for the client to visit. This list can be created, for example, through crawling. The second component is the client itself, which is able to make a requests to servers identified by the queuer. After the interaction with the server has taken place, the third component, an analysis engine, is responsible for determining whether an attack has taken place on the client honeypot.
In addition to these components, client honeypots are usually equipped with some sort of containment strategy to prevent successful attacks from spreading beyond the client honeypot. This is usually achieved through the use of firewalls and virtual machine sandboxes.
Analogous to traditional server honeypots, client honeypots are mainly classified by their interaction level: high or low; which denotes the level of functional interaction the server can utilize on the client honeypot. In addition to this there are also newly hybrid approaches which denotes the usage of both high and low interaction detection techniques.
Read more about this topic: Client Honeypot
Famous quotes containing the word architecture:
“All architecture is great architecture after sunset; perhaps architecture is really a nocturnal art, like the art of fireworks.”
—Gilbert Keith Chesterton (1874–1936)
“Defaced ruins of architecture and statuary, like the wrinkles of decrepitude of a once beautiful woman, only make one regret that one did not see them when they were enchanting.”
—Horace Walpole (1717–1797)
“The principle of the Gothic architecture is infinity made imaginable.”
—Samuel Taylor Coleridge (1772–1834)