Strategies & Issues: Honeypots – Sticking It to Hackers

“Whoever came up with the adage that you can catch more flies with honey than with vinegar probably didn’t have system bugs and other digital-age pests in mind. But there’s a kernel of truth in this old saying that applies to network security today. Enter the honeypot, a security resource whose value lies in being probed, attacked, or compromised…The concept of a honeypot is simple. It’s a resource that has no production value. There’s no legitimate reason for anyone outside the network to interact with a honeypot. Thus, any attempt to communicate with the system is most likely a probe, scan, or attack. Conversely, if your honeypot initiates outbound connections, the system has probably been compromised. One of the primary benefits of a honeypot lies in noise reduction. Since they capture information and generate alerts only when someone or something is interacting with them, they collect small, highly valuable data sets. So instead of getting 10,000 alerts a day with a network IDS sensor, for example, your organization may only get five or 10 alerts with the honeypot.” [MeansBusiness annotation]

Like this content? Why not share it?
Share on FacebookTweet about this on TwitterGoogle+Share on LinkedInBuffer this pagePin on PinterestShare on Redditshare on TumblrShare on StumbleUpon

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.