Latest news
Lance Spitzner is a geek who constantly plays with computers, especially network security.His passion is researching honeypot technologies and using them to learn more about the enemy.
He is the founder of the Honeynet Project, moderator of the honeypot mailing list, co-author of "Know Your Enemy", author of "Honeypots: Tracking Hackers" and also author of several whitepapers. He works as a senior security architect for Sun Microsystems, Inc.
How did you gain interest in honeypots?
My lack of understanding about badguys. I had no idea how they broke into computers, what they did afterwards, or even 'who' they were. Honeypots were a great way to learn. Also, honeypots are very exciting because its a new field. I don't deal well with having to follow lots of rules. With honeypots, I get to make things up as I go, which I find to be lots of fun.
What was it like writing "Honeypots: Tracking Hackers"? Any major difficulties?
The book was actually alot of fun to write. It was something I really wanted to do, as it is the very first book out on honeypots. It also gave me the opportunity to put all my thoughts together. I learned a great deal from that book. The hardest part was making sure I was technically correct with all the different honeypots. The technology is changing so fast, such as with ManTrap and Honeyd, that I was having to learn some of the new features as I wrote the book.
What security tools do you use on a daily basis?
Firewalls and virus scanners. I have both network and host based firewalls, and everything is virus scanned on my PC's. Also, I REALLY like the automatic patching facilities that come with WindowsXP and RedHat Linux. Keeps systems current. Last, I'm always attempting to minimize and harden my systems.
In your opinion what are the most important things an administrator has to do in order to keep a network secure?
If you don't need it, remote it. If you do need it, patch it. Vast majority of attacks are for known vulnerable services. If the service is not there, they can't hack it. If the service is patched, they will have a damn hard time hacking it.
What's the most amusing thing you ever saw someone do on a honeypot?
Oh, good grief, there's so many. Not knowing the tools they are using (4 times to figure out how to untar a file). Accidently DoSing themselves, getting excited about Ping of Death, prefering to launch DoS attacks from Windows, announcing they like to smoke weed, etc. However, I have also learned some very useful Unix commands from watching them, such as grepping for specific network connections.
What's the longest an attacker has been on one of your honeypots?
Spotlight
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
