Re: Need your helping defining honeypots

["Bernie, CTA" <cta () hcsin net>]

The way I define and have utilize honeypots is as follows:

A honeypot is an autonomous system security threat containment and
auditing resource designed to surreptitiously intercept, record, and
insulate an attacker's actions from production environment. Intelligence
gathered from Honeypots can be analyzed to develop and enhance system
security safeguards and attack countermeasures, to better 
protect the production environment. 


On 16 May 2003, at 13:24, Lance Spitzner wrote:
> Recently I released a paper attempting to define honeypots.
> I've received alot of great feedback on that.  Some of the
> feedback has been we may be able to improve on the definition.
> Honeypots are extremely flexible and can be used for many
> different things.  As such, I propose two different possible
> definitions.  Comments/input GREATLY appreciated!
>
>
> Option 1:
> ---------
> A honeypot is a security resource who's value lies in being
> probed, attacked, or compromised.
>
>
> Option 2:
> ---------
> A honeypot is a resource operated to monitor the use by entities
> who are unauthorized, or have reason to believe they are
> unauthorized, to use those resources. 
>
>
>
> Do you have a preference for either defintion, a different
> defintion, or perhaps a combination of the both?  If so, why? Let
> us know.
>
> Thanks!
>
> -- 
> Lance Spitzner
> http://www.tracking-hackers.com
-



-
****************************************************
Bernie 
Chief Technology Architect
Chief Security Officer
cta () hcsin net
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go 
//    to avoid the pure labor of honest thinking."   
//     Honest thought, the real business capital.    
//      Observe> Think> Plan> Think> Do> Think>      
*******************************************************