Three weeks. After that amount of time, there is little you can learn, with only increased risk of something going wrong.

Recently the Honeypot Best Practices security conference took place, are you satisfied with the outcome?

It was a great start, as it was the first honeypot conference. However, I would like to see one that is more technical, covering a great spectrum of technologies (similar to my book). I'm currently teaching 3 day honeypot class that is very similar to this. You may also see some more exciting events next year :)

What books, whitepapers, websites would you recommend to people that are starting to learn about computer security?


Oh boy, that depends. Beginner worrying about securing their XP box at home, security engineer securing their network at work? For the common user, I just recommend getting a firewall and a virus scanner, that works for most. For the security professional, start with the basics. For me, that was Stevens TCP/IP Illustrated Volume I. That has become my networking bible. The other most valuable thing for me has been a home lab. Build yourself a network of computers (old 486 systems are fine), and test everything you are learning in that environment (minimization, network sniffing, firewalls, attacks, etc). That hands on experience has proven invaluable to me.

What are your future plans? Any exciting new projects?

One of the most exciting things the Honeynet Projectis now working on is a bootable CDROM. We want to take our newly developed GenII technologies and build them into a bootable CDROM. This way if any organizations want to deploy a Honeynet (or multiple Honeynets), they simply boot off a CDROM and they have their Honeynet. All that is left is populating the network with target victims.