Honeypots mailing list archives
Few questions about sp800-31
From: "Kuznetsov A.N." <pm_kan () mail ru>
Date: Mon, 27 Nov 2006 16:27:09 +0300
Hi list, recently I have read sp800-31(NIST Special Publication on Intrusion Detection System) and have some questions about it. On page 28 they wrote about disadvantages of Honey Pots and Padded Cells - The legal implications of using such devices are not well defined What kind of problems with law can any have when using Honey Pot or Padded Cell? The best thing I can guess that it can be some problems if IDS redirect legal user to Padded Cell and he get wrong info. - An expert attacker, once diverted into a decoy system, may become angry and launch a more hostile attack against an organization’s systems. How such sentences can be in official documents? Thinking in such way we should disable all security mechanisms in order to not make attacker angry. Sorry for my English^) -- Best regards, Kuznetsov Andrey pm_kan () mail ru
Current thread:
- Few questions about sp800-31 Kuznetsov A.N. (Nov 27)
- Re: Few questions about sp800-31 Valdis . Kletnieks (Nov 27)
- <Possible follow-ups>
- RE: Few questions about sp800-31 Glenn.Everhart (Nov 27)
- Few questions about sp800-31 Kuznetsov A.N. (Nov 29)