Propuesta de mejores prácticas para el establecimiento de políticas de seguridad informática basado en Honeynet virtuales.

Abstract

The present research aimed to make a proposal of best practices for the establishment of computer security policies based on virtual Honeynets; to elaborate the proposal the technical standards published in the site Honeynet Project were analyzed, in addition some recommendations of standards and norms of security were considered as ISO 27001. The proposal consists of 7 stages that range from the selection of technologies, to the determination of the ISO 27001 controls necessary to mitigate threats discovered in technological infraestructures. A virtual Honeynet was implemented in a test scenario, using recommended tools by the Honeynet Project such as Honeywall Roo, Sebek, and Walleye. An ethical Hacking test was applied before and after the implementation of the proposed guide; the computer attacks used were: port scans, MetaSploit, dictionary attacks, TCP/SYN, code injection, backdoor installation; in the analysis and comparison of the experimental results obtained from the tests in the analysis and comparison of the experimental results obtained from the tests it was concluded that with the application of the proposed guide it was possible to mitigate in 85,7% the threats detected in a test environment. It is recommended to carry out a risk analysis and to develop ISO 27001 controls according to the reality of each of the institutions, prior to the application of the guide to good practices developed in the present investigation.