Honeypots mailing list archives
Re: Honeypot Defintion - Almost There, or a new path?
From: Valdis.Kletnieks () vt edu
Date: Sun, 25 May 2003 15:46:43 -0400
On Sat, 24 May 2003 10:32:32 EDT, "Bernie, CTA" said:
Honeypot: "An automated computer system for detecting erroneous, unauthorized or illicit use of system resources."
I suspect this is waaay too broad, as it includes almost all IDS systems and security packages. Did you *really* mean to say that a bank that runs a program to scan the RACF (resource access control facility) logs on its MVS mainframe to check for failed file opens or login attempts is running a honeypot on said mainframe? I run logsentry on some of our SGI boxes. It reports an "out of swap space" error every once in a while when a researcher gets a bit over-exuberant. It's automated, it's catching an erroneous use of system resources, but it certainly doesn't smell like a honeypot to me.
Attachment:
_bin
Description:
Current thread:
- Re: Honeypot Defintion - Almost There, or a new path? Bernie, CTA (May 24)
- RE: Honeypot Defintion - Almost There, or a new path? John McCracken (May 25)
- RE: Honeypot Defintion - Almost There, or a new path? Jon Price (May 25)
- Re: Honeypot Defintion - Almost There, or a new path? Valdis . Kletnieks (May 25)
- RE: Honeypot Defintion - Almost There, or a new path? John McCracken (May 25)