-
March 2nd, 2003, 12:15 AM
#1
What is a Honeypot?
I'm new to this stuff. Can someone explain what a honeypot is?
-
March 2nd, 2003, 12:23 AM
#2
Hi,
Check out this link http://www.tracking-hackers.com/
Cheerss
Not an image or image does not exist!
Not an image or image does not exist!
-
March 2nd, 2003, 12:24 AM
#3
Member
A honeypot is basiclly a decoy computer put on a network so that hackers will go after it instead of a regular computer
Mafia = Organized Crime
Government = Unorganized Crime
-
March 2nd, 2003, 12:24 AM
#4
Banned
I'm new to this stuff. Can someone explain what a honeypot is?
Ahhh... some good reading is the "Know Your Enemy" Series
http://project.honeynet.org/papers/
hope this helps
Jack
-
March 2nd, 2003, 12:26 AM
#5
Well if you really want I can send you my powerpoint on Honeypots. I just taught that a couple of weeks ago.
Basically, honeypots or honeynets are computers or networks setup to attract activity to them. The reasoning for attracting the activity varies: sometimes its to encourage attackers to stay away from the "goodies", sometimes its for an EWS, sometimes its for research. The reasoning why usually will determine the complexity of the honeypot.
Low interaction honeypots like Back Officer Friendly are more for the detect and EWS concept. They give little to no interaction with the attacker. They also have the lowest risk.
Medium interaction honeypots have some interaction but tend to be limited. Often, they incorporate "jailed" environments where attackers can only do so many things. They have some risk. Sometimes they are used to detect attacks before they happen.
The last one has the highest risk and is the cheapest but most difficult to setup. High interaction is usually when you setup a full system live on the internet. You also get the greatest research value out of it.
The Honey Net Project is a good place to learn. Additionally, Lance Spitzner's Honeypots is a good and straighforward read about the art of Honeypots.
Obviously, one issue that has yet to be resolved is that of "entrapment". I do not think as of yet that Honeypots have been tested in a court of law.
Hope that helps.
-
March 3rd, 2003, 02:19 AM
#6
-
March 7th, 2003, 10:42 PM
#7
I fear the day that someone takes over these 'security' forums as a moderator and has to ask what a honeypot is. I really hope your question was a joke. If not, try the sites above. I will also dispense the words of wisdom that the rest of us go by...
google.com say it with me now G-O-O-G-L-E DOT COM.
To be honest I'm insulted and offended by this.
And people wonder why so many regulars leave......
*fart
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
-
March 7th, 2003, 10:46 PM
#8
just another thing on Honeypots... these "High Risk" honeypots (as ms.mittens pointed out) give the most valuable feedback... as that's where most 0day exploits (latest exploits?) are found (by a white hat)... as soon as a new exploit hits one of these honeypots it's out on bugtraq, etc...
yeah, I\'m gonna need that by friday...
-
March 7th, 2003, 10:48 PM
#9
Yup. I was thinking of putting my FreeBSD box on to the net as a "high risk" HP but not sure if it violates my AUP. What'dya think?
I have this feeling it does...
-
March 7th, 2003, 10:53 PM
#10
i'd imagine your admin not liking that too much
AUP (had to look this up) Acceptable Use Policy...
yeah, I\'m gonna need that by friday...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|