Plan de fortalecimiento ante ataques informáticos en el centro de datos de la ESPAM aplicando mecanismo de seguridad Honeypot

Communications networks are exposed to cyber-attacks that present great economic losses and problems in the operation of systems within the data center. The objective of this research is to analyze the implementation of a Honeypot T-pot computer security tool, deployed in a virtualized infrastructur...

תיאור מלא

שמור ב:
מידע ביבליוגרפי
מחבר ראשי: Mendoza Varela, Lisbeth Carolina (author)
פורמט: masterThesis
שפה:spa
יצא לאור: 2022
נושאים:
גישה מקוונת:http://repositorio.espam.edu.ec/handle/42000/1801
תגים: הוספת תג
אין תגיות, היה/י הראשונ/ה לתייג את הרשומה!
תיאור
סיכום:Communications networks are exposed to cyber-attacks that present great economic losses and problems in the operation of systems within the data center. The objective of this research is to analyze the implementation of a Honeypot T-pot computer security tool, deployed in a virtualized infrastructure. Honeypot technology, a tool that simulates vulnerable services and applications on a network, allows control, capture and analysis of the data collected, which establishes the forms of attack, geographical location of the attacker, IP address, commands used, movements of the attacker, and the mechanisms to reduce these anomalies. For the execution of this investigation, a T-pot honeypot battery was installed due to the variety of equipment and infrastructure that integrates the ESPAM MFL data center, the methodology used was qualitative, the execution was carried out through the cycle computer method in V, and the phases of: specifications, high-level and detailed design, implementation, and finally unit, integration and operational testing were considered. As a result, detected attacks on the infrastructure were obtained, attacks analyzed by the maltrail tool, which allowed the analysis and interpretation of the data, which helped to establish hardening mechanisms in the firewall towards the demilitarized zone, as a conclusion, the implementation of the Honeypot facilitated the enemy house the same one that was independently deployed before the firewall, in order to avoid damage to the production network where the servers are located.