I had no idea what honeypot was, I found this article and I thought it was cool .
http://zdnet.com.com/2100-11-526520.html?legacy=zdnn On Monday 21 April 2003 08:03 am, Tim Fournet wrote: > In that case, what's the difference between that and an Intrusion > Detection System? I'm not sure if an internal machine could really be > called a "honeypot" if it's got some protection in front of it. > > I really don't see the benefit of using a honeypot. To me, it seems like > a lazy/irresponsible alternative to really securing your network. If > your goal is to try to catch and prosecute criminal crackers, then > you're likely doing more harm than good because any evidence you find > will very likely be inadmissible in court. OTOH, if you're just doing it > as an experiment, have fun. Just make sure you aren't inviting disaster > to a production network. > > -Tim > > On Mon, 2003-04-21 at 07:35, Dustin Puryear wrote: > > What if the system is put in the heart of your internal network? In this > > way you could ensure that only someone that had penetrated your perimeter > > defences could have access to the machine? > > > > At 09:35 PM 4/20/2003 -0500, you wrote: > > >Using a honeypot to protect ones network is in my opinion negligent and > > >irresponsible. Companies have a responsibility to do their best to keep > > >their systems inaccessible to unauthorized users, and putting a "free" > > >system on the internet that could potentially allow a cracker to launch > > >attacks against others is not a good practice. > > > > > >Companies absolutely have a right to protect their systems, but not to > > >the point of breaking the law to do it. I think anyone who willingly > > >puts a machine on the internet that's configured to allow someone easy > > >and full access to it--knowing that that person intends to do damage > > >with it--is guilty of aiding a criminal and should be charged as such. > > >Enforcing the law is not the duty of citizens and corporations. > > > > > >On Sat, 2003-04-19 at 22:48, Jeremy J Bertrand wrote: > > > > I just read the article on securityforce.com. posssible loop-hole in > > > > > > using a > > > > > > > redirect, to redirect hacker traffic from a production system to a > > > > honeypot the hacker could sue/countersue for misrepresentation and > > > > entrapment. That goes for both the private company and the > > > > government. > > > > As far as the hackers getting in through other means beside telnet or > > > > a webpage and how to notify there are numerous messages that you can > > > > use to notify that the machine is being monitored. > > > > But your right it is sickening. The fact that using a honeypot to > > > > lure > > > > > > hackers > > > > > > > away from production machines could land you in prison. The fact that > > > > > > the act > > > > > > > hacking any machine is a felony should but doesn't protect the > > > > company from litigation. > > > > ??? I mean a company doesn't have the right to protect what is his > > > > and > > > > > > so what > > > > > > > if he wants to use something that could help capture "wanted > > > > > > criminals", the > > > > > > > company should be rewarded for doing a good deed, but instead they > > > > get litigation. Come on what kind of society have we created for > > > > ourselves ???? > > > > > > > > > > > > Jeremy Bertrand > > > > email: [EMAIL PROTECTED] > > > > > > > > > > > > ---------- Original Message ----------- > > > > From: Nashid Hasan <[EMAIL PROTECTED]> > > > > To: [email protected] > > > > Sent: Fri, 18 Apr 2003 11:10:07 -0500 > > > > Subject: [brlug-general] Use a Honeypot, Go to Prison? > > > > > > > > > These legal games are sickening....... > > > > > > > > > > "Using a honeypot to detect and surveil computer intruders might > > > > > put you on the working end of federal wiretapping beef, or even get > > > > > you sued by the next hacker that sticks his nose in the trap, a > > > > > Justice Department attorney warned Wednesday." > > > > > > > > > > http://securityfocus.com/news/4004 > > > > > > > > ------- End of Original Message ------- > > > > > > > > > > > > _______________________________________________ > > > > General mailing list > > > > [email protected] > > > > http://brlug.net/mailman/listinfo/general_brlug.net > > > > > >_______________________________________________ > > >General mailing list > > >[email protected] > > >http://brlug.net/mailman/listinfo/general_brlug.net > > > > --- > > Dustin Puryear <[EMAIL PROTECTED]> > > Puryear Information Technology > > Windows, UNIX, and IT Consulting > > http://www.puryear-it.com > > > > > > > > _______________________________________________ > > General mailing list > > [email protected] > > http://brlug.net/mailman/listinfo/general_brlug.net > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net
