What is a Honeypot?
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: What is a Honeypot?

  1. #1
    Member
    Join Date
    Feb 2003
    Posts
    79

    What is a Honeypot?

    I'm new to this stuff. Can someone explain what a honeypot is?
    - Runner -

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    508
    Hi,

    Check out this link http://www.tracking-hackers.com/

    Cheerss
    Not an image or image does not exist!
    Not an image or image does not exist!

  3. #3
    Member
    Join Date
    Jun 2002
    Posts
    47
    A honeypot is basiclly a decoy computer put on a network so that hackers will go after it instead of a regular computer
    Mafia = Organized Crime
    Government = Unorganized Crime

  4. #4
    I'm new to this stuff. Can someone explain what a honeypot is?
    Ahhh... some good reading is the "Know Your Enemy" Series

    http://project.honeynet.org/papers/

    hope this helps

    Jack

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Talking

    Well if you really want I can send you my powerpoint on Honeypots. I just taught that a couple of weeks ago.

    Basically, honeypots or honeynets are computers or networks setup to attract activity to them. The reasoning for attracting the activity varies: sometimes its to encourage attackers to stay away from the "goodies", sometimes its for an EWS, sometimes its for research. The reasoning why usually will determine the complexity of the honeypot.

    Low interaction honeypots like Back Officer Friendly are more for the detect and EWS concept. They give little to no interaction with the attacker. They also have the lowest risk.

    Medium interaction honeypots have some interaction but tend to be limited. Often, they incorporate "jailed" environments where attackers can only do so many things. They have some risk. Sometimes they are used to detect attacks before they happen.

    The last one has the highest risk and is the cheapest but most difficult to setup. High interaction is usually when you setup a full system live on the internet. You also get the greatest research value out of it.

    The Honey Net Project is a good place to learn. Additionally, Lance Spitzner's Honeypots is a good and straighforward read about the art of Honeypots.

    Obviously, one issue that has yet to be resolved is that of "entrapment". I do not think as of yet that Honeypots have been tested in a court of law.

    Hope that helps.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Member
    Join Date
    Feb 2003
    Posts
    79
    Thanks everyone.
    - Runner -

  7. #7
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    I fear the day that someone takes over these 'security' forums as a moderator and has to ask what a honeypot is. I really hope your question was a joke. If not, try the sites above. I will also dispense the words of wisdom that the rest of us go by...

    google.com say it with me now G-O-O-G-L-E DOT COM.

    To be honest I'm insulted and offended by this.
    And people wonder why so many regulars leave......
    *fart
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  8. #8
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    just another thing on Honeypots... these "High Risk" honeypots (as ms.mittens pointed out) give the most valuable feedback... as that's where most 0day exploits (latest exploits?) are found (by a white hat)... as soon as a new exploit hits one of these honeypots it's out on bugtraq, etc...
    yeah, I\'m gonna need that by friday...

  9. #9
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Talking

    Yup. I was thinking of putting my FreeBSD box on to the net as a "high risk" HP but not sure if it violates my AUP. What'dya think?

    I have this feeling it does...
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  10. #10
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    i'd imagine your admin not liking that too much
    AUP (had to look this up) Acceptable Use Policy...
    yeah, I\'m gonna need that by friday...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •