July 22nd, 2003, 03:27 PM
Fun Things To Do With Your Honeypot
Jason Larsen and Alberto Gonzalez have published a paper on honeypots at linuxsecurity.com:
Here is a link to the complete paper: Fun Things To Do With Your Honeypot
Honeypots are a hot topic in the security research community right now. It seems everyone is starting up their own honeypot system. Most of the papers deal with the potential gains a honeypot can give you, and the proper way to monitor a honeypot. Not very many of them deal with the honeypots themselves.
Most honeypots as deployed as just an extra box someone has lying around. They slapped an OS on it, checksummed all the files, installed an IDS, and set about waiting for the hackers to arrive. Those kinds of honeypots ignore some of the most interesting parts of what a honeypot can do. Honeypots can be used to ensnare and beguile potential hackers; entice them to give you more research information, and actively defend your production network.
July 22nd, 2003, 03:38 PM
Very good read
/me goes and explores the possibility of setting up his own honeypot...