Question

What role does a firewall play in a honey pot design?

Answer 1

In computer terminology, a honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.

A honeypot is valuable as a surveillance and early-warning tool. While often a computer, a honeypot can take on other forms, such as files or data records, or even unused IP address space. Honeypots should have no production value and hence should not see any legitimate traffic or activity. Whatever they capture can then be surmised as malicious or unauthorized.

Role of fire wall in honey pot design:

Honeypots are designed to mimic systems that an intruder would like to break into but limit the intruder from having access to an entire network. If a honeypot is successful, the intruder will have no idea that s/he is being tricked and monitored. Most honeypots are installed inside firewalls so that they can better be controlled, though it is possible to install them outside of firewalls. A firewall in a honeypot works in the opposite way that a normal firewall works: instead of restricting what comes into a system from the Internet, the honeypot firewall allows all traffic to come in from the Internet and restricts what the system sends back out.

So noting the bolded text that, firewall in honey pot only restricts what system sends back out. It is mainly designed to inside the firewall to allow all traffic to come into the system so that honey pot can access files, data records, and all the data.But the primary or the main thing to note is the firewall will restrict the data or,files or any kind of things which are sent back by the honey pot system. Thats the main role of firewall in honey pot design.