Information Security News mailing list archives
Re: Honeypots: Bait for the Cracker
From: InfoSec News <isn () C4I ORG>
Date: Tue, 13 Mar 2001 00:34:39 -0600
Forwarded by: Joshua Holzer <joshuaholzer () hotmail com>

It seems pretty simple to me: If it's a private company, it isn't entrapment. The Title III wiretap regulations only apply to law enforcement. A private citizen or company is well within their bounds to employ honeypot / honeynet tactics in order to secure their servers and intellectual property.

The sure way to prevent any misunderstanding is to post a one-line notice on the company's home page indicating that the company reserves the right to monitor traffic on its site. If someone comes in through a backdoor, they shouldn't be there in the first place. If the hacker or cracker wants to play, the sys admin should be able to build the sandbox.

From: InfoSec News <isn () C4I ORG>
Reply-To: InfoSec News <isn () C4I ORG>
To: ISN () SECURITYFOCUS COM
Subject: [ISN] Honeypots: Bait for the Cracker
Date: Wed, 7 Mar 2001 17:33:04 -0600

http://www.wired.com/news/culture/0,1284,42233,00.html

by Michelle Delio
2:00 a.m. Mar. 7, 2001 PST

Set up a server and fill it with tempting files. Make it hard but not impossible to break into. Then sit back and wait for the crackers to show up.

Observe them as they cavort around in the server. Log their conversations with each other. Study them like you'd watch insects under a magnifying glass.

That's the basic concept behind honeypots and honeynets, systems that are set up specifically so that security experts can secretly observe crackers in their natural habitats.

The Honeynet Project team, an invitation-only security group, has been working with the project, a network that exists only to allow the team to watch who cracks it, in order to determine what crackers do and why they do it. The team will soon publish a paper on their research.

But some say that honeynets and honeypots, single servers used for cracker observation, are really nothing more than electronic wiretapping and entrapment and charge that the systems are unethical and possibly illegal.

ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".