You can catch more spies with honey

Tuesday, 27 May 2003, 3:39 PM EST

Tired of defending against bad guys? Instead, go on the offensive. At least that's the idea behind so-called honeypotsócomputer systems that are designed to lure evildoers and then record their every move.

Think of honeypots as intelligence collection systems. Many hackers engage in routine scans of the Internet's address space, looking for poorly defended computers. A honeypot is a deliberately vulnerable target that invites penetration while fully instrumented. So after a hacker penetrates it, you can learn how it was done, keeping you current with the latest attacks and exploits against your company's servers. You can also collect the types of hacker tools they use and, by eavesdropping on their communications, map out their social networks.

Setting up a honeypot isn't hard; all you need is a computer running an unpatched copy of Microsoft Windows or Red Hat Linux on your external Internet. Since hackers are likely to booby-trap the computer's logging and auditing capabilities, you'll want to station a network-monitoring system between the box and your Internet connection so that all the traffic in or out of the box is silently recorded. Then just sit back and wait for the inevitable attack.

[ Read more ]

Related items




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //