KeyFocus, an Internet security provider, announces the world’s first Windows networking emulation honeypot, a key feature of the major new release of its flagship product KFSensor 2.0, its honeypot based intrusion detection system.
This groundbreaking technology enables KFSensor to detect the nature of attacks on file shares and Windows administrative services – currently the most prevalent and damaging of all illicit intrusions performed over the Internet.
Firewalls can detect port scans, but they cannot identify the nature of an attack. Network Intrusion Detection Systems can identify certain attacks, but not without running the risk of jeopardizing security. Only KFSensor can provide optimal information on an attack, without the risk of compromise.
KFSensor emulates all four of Microsoft’s NetBIOS and SMB/CFIS services, allowing hackers and a whole class of worms – such as Randex and Opaserv, to attempt to exploit insecure file shares and other vulnerabilities inside a secure simulated environment. Consequently, KFSensor provides a level of analysis never before available to security professionals.
The already extensive emulation and reporting features of KFSensor have been further extended – adding the capability for users to write their own scripts and database queries. These are compatible with scripts written for the Honeyd system.
KFSensor is a host based Intrusion Detection System (IDS). It acts as a honeypot to attract and detect hackers by simulating vulnerable system services and trojans.
The system is highly configurable and features detailed logging, analysis of attacks, multiple alerting mechanisms and sophisticated emulations of standard systems services. This approach complements other forms of security and adds another defense against the growing security threat faced by all organizations.
The honeypot approach to security has a number of key advantages. It produces a much lower number of false positive alerts and provides far more detail on an attack than other forms of security.
KFSensor has been developed from the ground up, as a production honeypot system, dedicated to the task of intrusion detection. Used as part of a comprehensive security strategy, KFSensor adds an additional layer of protection to detect security breaches that may not be picked up by other means.
KFSensor is a second generation honeypot application for Windows NT4/2000/XP/2003. Designed to be easy to configure and maintain, it provides advanced honeypot detection to organizations that have chosen not to adopt this emerging security technology up to now.
KeyFocus Ltd. is a software company dedicated to developing network and system security software. KeyFocus was one of the first companies to recognize the potential of honeypot technology to move beyond a research tool and become a valuable production system, which could complement and enhance an organization’s existing security infrastructure. KeyFocus Ltd. is a privately funded and based in London, England.