-
December 7th, 2003, 06:02 PM
#1
Honeypot???
Lol this might sound stupid lol...
Never heard of a honeypot and today saw this forum lol...
Anyways did some research on google instead of just running to u and asking what it is...
Anyways correct me if im wrong lol since I really dont know much about it...
Is a honeypot a software that protects you from adversaries that randomly scan the network?
I saw that it also triggers a counter-worm by immunizing infected hosts that contact virtual honeypots.
Thanks
/Scriptkiddie18
-
December 7th, 2003, 06:05 PM
#2
It can be software but it could also be an OS built from scratch. It can also be used for more than scans and worms (early warning system concept). You might use it as a research platform to understand better how and why attackers do what they do. Honeypots by Lance Spitzner is an excellent reference in regards to this.
Visit HoneyNet Project for some resources and details.
-
December 7th, 2003, 06:06 PM
#3
A honeypot is a bunch of different things really. The name for it comes from actual honeypots that might be used to draw away flies or other insects. The modern honeypot is the exact same thing, but for hackers.
The honeypot is designed to look like a real server, and act like it in many ways. This keeps an attacking entity busy with a fake server the entire time, and once they've managed to pierce the security, if at all, you can kick them out, patch up the honey pot and your real server, and be relatively safe. Generally, though, honeypots are mainly used on larger servers, and aren't designed for home computers or computers on a small network running a small file server, although it can be used that way.
There are a lot of variations on honey pots, and a lot more details that can go in with it, but that's the grand overview.
Edit: Dang, MsMittens. Beat me to it! Nice link, BTW.
-
December 7th, 2003, 06:06 PM
#4
a honey pot collects information about possible attacks... it sits around looking like a nice easy target, then collects all data from attackers to be analyzed later, many new attack techniques and worms are found in honeypots... goto honeynet.org for more info...
yeah, I\'m gonna need that by friday...
-
December 7th, 2003, 06:10 PM
#5
AHA...so its like a online trap so to say...it waits til somone attacks..it defends itself and counter attack the attacker?...wow nice thing
Thanks all and Thanks you too MsMittens for the link
/Scriptkiddie18
-
December 7th, 2003, 06:13 PM
#6
Ah.. Counter attacking isn't something that I've seen in all honeypots. In fact, from what I've read this isn't the preferred method. The reason is that the attacker may be using an innocent bystanders computer (so to speak) or could be spoofing (blind and half blind attacks) against the honeypot.
Unlike Senator Hatch, who thinks this is appropriate, it's not. Better to use to gain information and press charges than attack and be charged.
-
December 7th, 2003, 06:15 PM
#7
Member
a honey pot can be used in different ways, from what i know the FBI started setting up honeypots so they could collect evidence before arresting a cracker or scriptkiddy.
But they are free to download, setup and use for anyone now.
-
December 7th, 2003, 06:17 PM
#8
a honey pot can be used in different ways, from what i know the FBI started setting up honeypots so they could collect evidence before arresting a cracker or scriptkiddy.
Really? No wonder so many crackers and kiddies don't get jail time. That's "entrapment". Take a look at Lance Spitzner's discussion about the legalities of Honeypots, including entrapment and privacy issues (yes, privacy... go figure eh?)
-
December 7th, 2003, 06:21 PM
#9
That isn't entrapment, atleast not by itself. Entrapment is generally when cops use the evidence of a crime against a criminal to black-mail them, or so I've been told. I've also heard it said that it could be considered entrapment if the criminal was actually baited first, but a honeypot on a server that would already have been attacked for those same types of servers....that's not baiting, that's putting up a shield.
That's my two cents, could be wrong.
-
December 7th, 2003, 06:28 PM
#10
You lost me Mittens...were you disagreeing, or providing a broader palette for discussion?
Setting up a honepot is not entrapment. If you advertised it as a server that could be hacked for the purpose of catching black hats, then the defense would be entrapment.
Am I misunderstanding you?
EDIT: Thanks Mittens..I figured I was missing your point
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|