Malware Collector in a Nutshell

Abstract

We use honey pot as a tool to detect and collect new and unknown malwares. Once detected it would be easy for that we can easily get the required information about the malware and we can be able to locate the intruder. We can be able to get the source and destination IP and intruder also use different combinations of username and passwords. We can also log these usernames and password and through analysis of this log file we can be able to identify use some strong passwords. Honeypot is not an antivirus or firewall. It is basically a tool which helps in understanding, the cyberthreats through this we can be able to make our system more secure. We can be able to identify the location of the intruder. There are different types of honeypots and each of them have different types of functions for example to log brute force attacks and for network security a different types of honeypots are used as already mentioned every honeypot has its own specific functionality. Some of the main example of honeypots are email traps, decoy database, malware honeypot, spider honeypots and many others. Honeypot works on SSH and Telnet to log brute all the attacks performed by the hacker along this shell interaction of the attacker as well. We can also say our honeypot is specifically designed for SSH and Telnet. We are going to open these ports to make our system vulnerable for the attack and we done this by making module through programming by giving port number. These ports are 22 and 23 and as previously mentioned these ports are opened through programming module. Intruder can access through these ports and we can get the IP of the intruder and we can be able to locate the intruder through IP.