Re: Need your helping defining honeypots

["Andy Cuff \[talisker\]" <offthecuff () lineone net>]

Hi Lance
My preference is to the latter, though I do prefer Davide's version:

"A honeypot is a security resource used to monitor, log, and study the
actions of unauthorized entities which probe, attack or compromise it."

Matt Fisher introduces the term decoy which is especially pertinent to
development honeypots, perhaps this could be used instead of resource.
Whilst we are discussing definitions is there a better term for development
honeypots?


take care
-andy
Taliskers Network Security Tools
http://www.networkintrusion.co.uk
----- Original Message ----- 
From: "Lance Spitzner" <lance () honeynet org>
To: <honeypots () securityfocus com>
Sent: Friday, May 16, 2003 7:24 PM
Subject: Need your helping defining honeypots


> Recently I released a paper attempting to define honeypots.
> I've received alot of great feedback on that.  Some of the
> feedback has been we may be able to improve on the definition.
> Honeypots are extremely flexible and can be used for many
> different things.  As such, I propose two different possible
> definitions.  Comments/input GREATLY appreciated!
>
>
> Option 1:
> ---------
> A honeypot is a security resource who's value lies in being
> probed, attacked, or compromised.
>
>
> Option 2:
> ---------
> A honeypot is a resource operated to monitor the use by entities
> who are unauthorized, or have reason to believe they are unauthorized,
> to use those resources.
>
>
>
> Do you have a preference for either defintion, a different
> defintion, or perhaps a combination of the both?  If so, why?
> Let us know.
>
> Thanks!
>
> -- 
> Lance Spitzner
> http://www.tracking-hackers.com