On Wed, Jul 21, 1999 at 10:46:18PM -0400, Rabid Wombat wrote:
>
> I disagree on the "bait" system. It shows that you have good security that
> is working if you can trap the intruder without their knowing it, and
> record all their attempts to branch out from the "bait" system.
>
> Successfully busting a hacker that didn't get to any "real" systems is a
> good deterent.
But only if the news gets back to future "likely suspects".
> Busting one that compromised you is bad press.
How is the general population going to know the difference? And if you're
careful enough to get the press to explain the difference, will it have
the desired deterrent effect, or will it make the kiddies a little
smarter in recognizing a honeypot?
Regardless, I still think they could be useful in keeping crackers
busy while you either track them down, learn about new tricks you
haven't seen before, or both. I just don't have the resources to
set one up as a sort of a "sting operation".
--
David Carmean <[EMAIL PROTECTED]>
PGP fingerprint = B1 57 EB A8 1D B9 87 86 5F 5C 51 A4 F2 5E ED FD
My God, it's full of Cars!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
