A sacrificial host is a computer server that is intentionally positioned outside an organization’s Internet firewall in order to provide a service that could otherwise compromise the local network’s security if placed within the firewall.
Sacrificial hosts are also associated with bastion hosts, as they are implemented in the same way. Bastion hosts are designed specifically to withstand attacks from outside intruders.
A sacrificial host can be considered more like bait than something that actually performs an important role within a network. It is positioned just like a bastion host in the network topology. However, with multiple security protocols and software, it is there simply to lure in an attacker rather than to withstand attacks. The sacrificial host serves to delay the attacker and even to try to track and obtain the attacker's identity. In short, a sacrificial host is simply a type of bastion host used as active bait to lure potential attackers and learn about, or possibly track and find, them.
For example, an FTP server is a typical bastion host that can be used as a sacrificial host. This occurs when network security personnel, such as a system administrator, find that a system is under constant attack. The sacrificial host is set up to bait the intruder into accessing it. Once accessed, the host can provide a time delay, allowing the administrator enough time to get information about the intruder’s identity for possible capture. Other servers that can be made into sacrificial hosts are web, mail and DNS servers.
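The FTP case described above, sketched as an added example (not code from the original page): a decoy listener that answers like an FTP server, never authenticates anyone, pauses before every reply to provide the time delay, and records each command with its source address. The port 2121, the 3-second delay, the reply strings and all function names are assumptions chosen for illustration.

```python
import json
import socketserver
import time
from datetime import datetime, timezone

# Canned replies: the decoy looks like FTP but never grants a login.
REPLIES = {"USER": "331 Password required.",
           "PASS": "530 Login incorrect.",
           "QUIT": "221 Goodbye."}
DEFAULT_REPLY = "530 Please login with USER and PASS."

def handle_line(peer, line, log):
    """Record one client command in `log` and return the reply to send."""
    verb, _, arg = line.strip().partition(" ")
    verb = verb.upper()
    event = {"time": datetime.now(timezone.utc).isoformat(),
             "src_ip": peer[0], "src_port": peer[1],
             "verb": verb, "arg": arg}
    log.append(event)
    print(json.dumps(event), flush=True)  # one JSON line per event for the admin
    return REPLIES.get(verb, DEFAULT_REPLY)

class DecoyHandler(socketserver.StreamRequestHandler):
    timeout = 120  # drop idle connections so handler threads are not held forever

    def send(self, text):
        time.sleep(self.server.delay)  # the deliberate time delay before each reply
        self.wfile.write((text + "\r\n").encode("ascii"))

    def handle(self):
        peer, log = self.client_address, self.server.log
        handle_line(peer, "(connect)", log)  # log the connection itself
        try:
            self.send("220 FTP server ready.")
            for raw in self.rfile:
                reply = handle_line(peer, raw.decode("latin-1"), log)
                self.send(reply)
                if reply.startswith("221"):
                    break
        except OSError:
            pass  # timeout or reset: the log already holds what was seen

def make_server(host, port, delay, log):
    server = socketserver.ThreadingTCPServer((host, port), DecoyHandler)
    server.daemon_threads = True
    server.delay, server.log = delay, log
    return server

if __name__ == "__main__":
    events = []  # in-memory copy; the JSON lines on stdout are the durable record
    with make_server("127.0.0.1", 2121, delay=3.0, log=events) as srv:
        srv.serve_forever()
```

Because the decoy holds no real data and accepts no credentials, every event it logs comes from a client that had no legitimate reason to connect.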