From: Jamie Riden (jamie.riden@gmail.com)
Date: Thu Mar 13 2008 - 05:26:09 EST
On 13 Mar 2008 05:30:57 -0000, Yousif@vapt-sec.com <Yousif@vapt-sec.com> wrote:
> Alright, well I've come up with a different method to trap attackers. I want some people to pour out their thoughts, leave some comments, open some discussion, and just give me feed back on this idea, and how it can implemented better than I had initially set it out as. You can find the post at my blog on www.yousifyalda.blogspot.com , thanks in advance!
I think you'd do better asking on the honeypots mailing list -
although you might get a better response if you removed the bit about
honeypots being overrated first :)
Anyway, the idea of putting realistic/misleading/tempting data on
honeypots is not exactly new. I think Cheswick et al did it in "An
Evening with Berferd" ( http://all.net/books/berferd/berferd.html )
and possibly Clifford Stoll in the Cuckoo's Egg. Also, have a look at
'honeytokens', e.g. http://www.securityfocus.com/infocus/1713
cheers,
Jamie
-- Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk UK Honeynet Project: http://www.ukhoneynet.org/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:27 EDT