sorry to ask u this guys.. i guess this is not a lame question. im a newbie and i dont know what is the meaning of honeypot?
Printable View
sorry to ask u this guys.. i guess this is not a lame question. im a newbie and i dont know what is the meaning of honeypot?
Useing google I just did a search for you and found this excelent discription of what a honeypot is
http://www.sans.org/newlook/resource.../honeypot2.htm
Another valuable one....
http://project.honeynet.org/
or...
http://www.tracking-hackers.com/
Doing a search in Google or kartoo.com will turn up enough info...
A Bientot
a honeypot is where some 1 puts up like a seperate litlle server to catch an attacker in the act it will log all the activities but give a response to the person (s) attacking the server your computer (EG) u find out you have sub7 running on your computer and you download and install a honeypot when the attacker logs in it will log there IP and the activities which they are doing and thus you have evidence against the attacker to pursue it further (eg) report it to there ISP
Thnx for your answers. This will help me alot to increase further my knowlegde.
Hello there fellow AO cohorts! Top of the morning to ya! I was wondering if anyone here has ever used a honeypot? I think the concept is very cool, but I am wondering how practical it is and under what circumstances you would want to implement it. I appreciate any help.
Thanks.
additionally, there are a number of variations from the log-and-respond honeypot. some provide the intellegence to detect anomalies such that new attacks/vulnerabilities can be identified. other's actually attack back.
it's practical when the resources and risk allow for it (just like anything else in security).
it's best implemented along side a h/n ids that can benefit from new signatures learned.
Thanks for the info!