Information Security News mailing list archives
Re: Honeypots: Bait for the Cracker
From: InfoSec News <isn () C4I ORG>
Date: Fri, 9 Mar 2001 00:38:46 -0600
Forwarded by: Aj Effin Reznor <aj () reznor com>

"InfoSec News was known to say....."
http://www.wired.com/news/culture/0,1284,42233,00.html
(figures)
Shah said the team has learned about the tools that attackers use. But perhaps more importantly, they have also learned about crackers' motives for attacking systems: Many don't crack a system because they want to access information, they crack it simply because they can.
*Groan*. I don't disagree, or agree really, with the honeypot/net projects, but is this the statement to make? Manhours, resources, and the Grammy goes to..... Something Everyone Has Known For A Decade! Geez...
-aj.

Date: Thu, 8 Mar 2001 09:35:34 -0600
From: JD Runyan <Jason.Lists () DMS NWCG Gov>
To: InfoSec News <isn () C4I ORG>
Subject: Re: [ISN] Honeypots: Bait for the Cracker

Give me a break on the wiretapping. These crackers have broken the law. You can monitor your employees' computer use, and phone use on your equipment. These conversations are not private by virtue that they are stealing the resources to conduct them.
Since most crackers quickly set up private Internet Relay Chat proxy servers on any system they can access, honeynet or honeypot observers are often able to capture logs of the crackers' conversations. The ability to monitor private conversations is one of the reasons that some have ethical problems with honeynet. One of the original honeynet team members, J.D. Glaser, director of engineering at security firm Foundstone, recently resigned from the project. He hopes it won't continue to grow. Glaser said that he has become increasingly convinced that electronic wiretapping is wrong, even when it's used for research.
Date: Thu, 08 Mar 2001 15:50:56 -0500
From: Meritt James <meritt_james () bah com>
To: InfoSec News <isn () C4I ORG>
Subject: Re: [ISN] Honeypots: Bait for the Cracker

"Entrapment" is a legal concept. While a law enforcement officer can do such a thing (or direct it being done), a private operator cannot.
Adams also feels that honeypots and honeynets come close to entrapment. "It's like opening a fake store, loading it with cool stuff, and sitting back hoping someone will break into it," he said. But since entrapment involves coercing someone to commit a crime they would not otherwise have committed, attorney Jason Wilson said that the typical honeynet or honeypot would not be considered entrapment under United States law.
--
James W. Meritt, CISSP, CISA
Booz*Allen & Hamilton
phone: (410) 684-6566

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".