In order to get the real picture of honeypots I contacted the person that's an authority on the subject - Lance Spitzner. He is the founder of the Honeynet Project, moderator of the honeypot mailing list, co-author of "Know Your Enemy", author of "Honeypots: Tracking Hackers" and also author of several whitepapers. He works as a senior security architect for Sun Microsystems, Inc.
Spitzner said: "I'm a huge fan of honeypots. I know of no other security technology that lets you turn the tables on the bad guys, honepyots give you the initiative. I've been using them for several years now to learn about how attackers operate, and the latest threats. When I look back, I'm amazed at how much I've learned. I'm extremely excited about the future of honeypots, we have only begun to tap into their potential. In many ways, I think honeypots are now where firewall technologies were eight years ago, or where IDS was five years ago. However, I'm even more excited about all the different roles honeypots can play. Not only can they be used to improve you security (by preventing or detecting attacks), they can be used to gain intelligence on new threats. In fact, that is where I think we will so the greatest growth in honeypots. Organizations can use them for early warning and prediction, trend analysis, or even cyber warfare."
There have been two things that marked this year as the most important year for honeypots ever:
- In September the book "Honeypots: Tracking Hackers" was released.
- In November the very first security conference ever dedicated to honeypot technologies, took place in Las Vegas.
The future is wide open for the development of honeypot technology as more people begin to use it. There are not many solutions present at the moment but new ones will certainly appear during the following year. As regards the future Spitzner said: "We will also see dramatic improvement in how the technology works. Open Source solutions such as Honeyd and Honeynet will become easier to use. Commercial products, such as ManTrap, will communicate and work with other technologies, such as firewalls and IDS. I also think we will see more honeypot solutions released."
"Last, I think you will see more documented cases of honeypots in use. People don't realize just how much honeypots are being used today. For example, catching the latest worms or trend analysis of specific blackhat communities. I feel honeypots have a very exciting future, we are seeing a technology in its infancy." Spitzner added.