In other words a honeypot is useless if attacker or malicious user does not attack or atleast try to attack it.

Use of honeypots:
Honeypots are designed to study the different kinds of attack and the procedure in which attack takes place.thus honeypots lures the attackers to attack the system with a pupose of security and security related studies and analysis.a normal user will never connect to honeypot resource.

Now since a honeypot resource has no real use thus if a system admin notices a user connecting to it,then 99% of the time that user is a malicious one.

In brief honeypots has following uses:
A} uses of research honeypots:
1. To research on attackers {tools, methods, techniques and exploits}.
2. To assess general trend in the security industry.
3. Research honeypots are useful for research purposes.
4. Honeynets are networks of honetpots that trap the attackers by luring them and all their activities are recorded by research honeypots.

B} uses of production honeypots:
1. Production honeypots tricks the attackers in attacking the honetpot system instead of actual system.
2. Helps in detection of attacks.
3. Reduces false positives.
4. Reduces false negatives as it detects almost all attacks.
5. Log files are complete and easy to read.
6. Works with encryption and ipv6 environment.
7. Any traffic to honeypots is concluded to be malicious one 99% of time.
8. Helps in computer forensics,as evidence is not tampeted with.
9. Honeypots can be disconnected as soon as attack is detected.

There are two main types of honeypots:
1. Research honeypots:
The biggest problem that system admins face nowadays, is that they do not know their own attackers.they do not know the techniques,tools,methods etc being used ny their attackers due to which it is impossible to protect one`s own system on internet.to solve this problem research honeypots are used.

Uses of research honeypots:
1. To research on attackers {tools, methods, techniques and exploits}.
2. To assess general trend in the security industry.
3. Research honeypots are useful for research purposes.
4. Honeynets are networks of honetpots that trap the attackers by luring them and all their activities are recorded by research honeypots.

2. Production honeypots:
Production honeypots are normally used for improving the security of a particular network.

Uses of production honeypots:
A. Production honeypots tricks the attackers in attacking the honetpot system instead of actual system.
B. Helps in detection of attacks.
C. Reduces false positives.
D. Reduces false negatives as it detects almost all attacks.
E. Log files are complete and easy to read.
F. Works with encryption and ipv6 environment.
G. Any traffic to honeypots is concluded to be malicious one 99% of time.
H. Helps in computer forensics,as evidence is not tampeted with.
I. Honeypots can be disconnected as soon as attack is detected.

According to the level of implementation, research honeypots and production honeypots are classified into following two types:

1. Low involved honeypots:
A. A typical low involved honeypot will have a few ports open, so the admin knows what ports the attackers will try to connect to.
B. The attackers will not be allowed to do anything else on the server and hence they are less risky.
C. Low involved honeypots do not give the essential insight into attacker, hence they are normally used as producttion honeypots.

2. High involved honeypots:
A. High involved honeypots will have a few open ports and a few vulnerable services running.
B. The attacker is allowed to actually to break into high involved honeypots, which makes them risky.
C. It can be used to collect a lot of insight on the tools, techniques, methods used by attacker and hence they are normally used as research honeypots.

Advantages of honeypots:
1. Records minimal but extremely important data .for example :recoding the activity of malicious users
2. Efficient: centralised log files or ids log files might drop a few lines due to high activity and bandwidth.
3. Works with encryption ipv6 as well.
Disadvantages of honeypots:
1. Worthless:
if nobody attacks the honeypot, then it is practically useless.

2. Risky:
a typical honeypot introduces varied amount of risk in the overall security of the concerned network.

Significance of windows registry:
Windows registry determines the look, tool and working of windows system in a similar way to the genes {DNA and RNA} determining the look and feel of human beings.

To control the h/w,s/w,look,feel,features and functionality one has to master the registry. So mastering the registry one can control not only control the whole computer but also its network. The current version of windows has registry which has all the setting that were previously contained in config.sys, autoexec.bat, win.ini etc present in older version of windows.

Windows registry thus is the key to improve the security from hacker’s perspective. The funny prank part of registry serves as icing for cake.

Registry gives us the platform to use the loopholes and abstract the data and make the h/w and s/w function the way we want them to do even when connected to network for security purposes.

Examples: one can disable run and search functions so that crackers cannot gain its access to carry out malicious activity. Locking certain drives having sensitive data. Disabling registry tool after giving a good security through it so that the settings becomes permanent.

The registry differs from version to version of windows so right kind of windows version must be used, e.g. Windows NT has huge scope for applying different tweaks.

To get different registry tweaks to improve the performance of P.C for making full use of registry’s ability visit websites:
www.regedit.com
www.winguides.com

So, the registry is very important if we are thinking of Hacking windows

Address for windows registry and data stored:
Registry is in windows directory or folder by the name regedit which is executable file. The organizes data in keys and sub-keys.

We can open the registry by,
Start> Run> regedit
Or Start> Run> c:\ windows\regedit.exe
Or Start> Run> regedit32.exe (under Win NT)

The registry is actually organized into keys and subkeys. Each key contains a value entry; each one has a name, a type or a class and the value itself. The name is a string that identifies the value to the key. The length and the format of the value is dependent on the data type.

Registry editor is divided into five principal keys or hives:
HKEY_LOCAL_MACHINE
HKEY_CLASSES_ROOT
HKEY_CURRENT_CONFIG
HKEY_DYN_DATA
HKEY_USERS
There is no way to add or delete at this level.

Only two of these keys are effectively saved on hard disc:
HKEY_LOCAL_MACHINE & HKEY_USERS.

The others are just branches of the main keys or are dynamically created by windows.

Important note before editing registry:
Since, registry is the core of OS, we should back up the copy of it on floppy, each time we attempt any changes or modifications in the windows registry otherwise, we may need to reinstall the OS, if there happens any mistake.

My favourite pick from all reg tweaks:
Add Command Prompt Option to Every Folder (All Windows) Popular
If you still use the DOS prompt regularly then this setting creates a new right-click menu option to open a command prompt at the selected directory.
Open your registry and find the key below.

Create a new sub key called ‘Command’ under the main key (i.e. [HKEY_CLASSES_ROOT\Directory\shell\Command]). Change the value of ‘(Default)’ within the key to equal the text you would like on the right-click menu, for example ‘Command Prompt’.

Create another new sub-key under the key created above, named ‘command’ (i.e. [HKEY_CLASSES_ROOT\...\Command\command]).

Change the value of ‘(Default)’ within this key depending on your operating system to equal either:

Windows 95, 98 or Me
command.com /k cd “%1″
or
Windows NT, 2000 or XP
cmd.exe /k cd %1
Now right-click on a folder and the new option of ‘Command Prompt’ should be available.

Registry Settings
System Key: [HKEY_CLASSES_ROOT\Directory\shell]
Value Name: (Default)
Data Type: REG_SZ (String Value)