What are honeypots? - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: What are honeypots?

  1. #11
    Banned
    Join Date
    May 2003
    Posts
    1,004
    My understanding is that login banners warning of legal ramifications are much like the miranda rights, that is they are just assumed and their omission in no way presents a legal loophale for escape.

    The reasoning is, many systems that could be compromised run services that don't feature login banners. Login banners are targeted specifically at legit users in environments where it is not practical to have all users acknowledge (via a signature) the applied security policy.

    catch

  2. #12
    Senior Member
    Join Date
    Jul 2004
    Posts
    131
    if you ever have any questions, terms, or technology to lookup, you can try:

    tech target's whatis section:
    http://whatis.techtarget.com/

    for honeypots & honeynets:
    http://whatis.techtarget.com/definit...idx100,00.html

    here is the def. for honeypot:

    honey pot

    The term you selected is being presented by searchSecurity.com, a TechTarget site for Security professionals.

    A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. (This includes the hacker, cracker, and script kiddy.) To set up a honey pot, it is recommended that you:
    Install the operating system without patches installed and using typical defaults and options
    Make sure that there is no data on the system that cannot safely be destroyed
    Add the application that is designed to record the activities of the invader
    Maintaining a honey pot is said to require a considerable amount of attention and may offer as its highest value nothing more than a learning experience (that is, you may not catch any hackers).
    the closest i have come to a honeypot is i played around with specter.
    http://www.specter.com

    i didn't get a chance to fully set it up or deloy it - i got side tracked with more important work @ work.

    but i do constantly have a machine running ethereal and grabbing packets. hooked up to a roving analysis port on my switches. i usually tell the person that i will be sniffing their traffic. it's a great way to troubleshoot worms et la coming from internal hosts or even other subnets.

    regards
    More cowbell! We need more cowbell!
    http://www.geocities.com/secure_lockdown/
    - - -
    \"Is the firewall there to protect you from the outside world or is it there to protect the outside world from *YOU*?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •