Honeypots for Windows

Wednesday, 31 March 2004, 1:09 AM EST

Long thought of as toys for security administrators who have too much time on their hands, honeypots are gaining an increased presence on corporate networks. Honeypots are nonproduction computer assets set up for the express purpose of being a potential target for unauthorized activities. Although honeypots can mimic any computer resource, they most often mimic legitimate production servers and workstations.

Early on, security professionals mainly used honeypots to learn about malicious attackers and their tactics. Honeypots have proven their value in this area. For example, using honeypots, the Honeynet Project learned that the majority of attacks are automated by malicious mobile code and scripts. Although manual attacks aren't as common, patient intruders will find exploitable holes. Using honeypots, the project members uncovered complex intruder undergrounds involved in widespread commercial fraud and learned and publicized new intruder tricks before they could become pervasive zero-day exploits.

By Roger A. Grimes at Windows & .NET Magazine.

[ Read more ]

Related items




Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //