Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Honeypots
Moving forward with defintion of honeypots May 20 2003 03:23AM
Lance Spitzner (lance honeynet org) (17 replies)
Re: Moving forward with defintion of honeypots May 24 2003 04:47AM
Bill McCarty (bmccarty apu edu) (1 replies)
Re: Moving forward with defintion of honeypots May 24 2003 07:38PM
Scarecrow (scarecrow runeweaver com)
Honeypot Defintion - Almost There! May 23 2003 02:30PM
Lance Spitzner (lance honeynet org) (6 replies)
Re: Honeypot Defintion - Almost There! May 24 2003 02:29AM
Erik S. Johansen (security sperling no) (1 replies)
Re: Honeypot Defintion - Almost There! May 25 2003 12:27AM
Jon Price (jon nytimes com)
Re: Honeypot Defintion - Almost There! May 23 2003 03:58PM
Jack McCarthy (lists jackmccarthy com) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 05:24PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 03:37PM
Steve Barnet (barnet chem wisc edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:05PM
Marc Dacier (marc dacier eurecom fr) (2 replies)
RE: Honeypot Defintion - Almost There! May 23 2003 04:07PM
David Gillett (gillettdavid fhda edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:35PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 02:48PM
Volker Tanger (volker tanger discon de) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 03:28PM
Tora (tagetora users sourceforge net)
Re: Honeypot Defintion - Almost There! May 23 2003 02:40PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org)
Re: Moving forward with defintion of honeypots May 21 2003 06:36PM
Chris Burton (cyberhiker99 yahoo com)
RE: Moving forward with defintion of honeypots May 21 2003 08:37AM
Fabien Pouget (Fabien Pouget eurecom fr)
Re: Moving forward with defintion of honeypots May 21 2003 01:22AM
Per Gustav Ousdal (pgo-ml ousdal com)
Re: Moving forward with defintion of honeypots May 20 2003 09:37PM
Graeme Thompson (gdthompson optushome com au)
Re: Moving forward with defintion of honeypots May 20 2003 07:56PM
David Goldsmith (dgoldsmith sans org)
Re: Moving forward with defintion of honeypots May 20 2003 05:49PM
Richard H. Cotterell (seec mail retina ar)
Re: Moving forward with defintion of honeypots May 20 2003 05:06PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 03:37PM
Bernie, CTA (cta hcsin net) (1 replies)
RE: Moving forward with defintion of honeypots May 21 2003 04:38AM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 03:30PM
Harish Pillay (harish maringotree com)
RE: Moving forward with defintion of honeypots May 20 2003 02:46PM
Rick Hayes (rhayes vicor com)
I think OPTION B is more appropriate.

Thanks,
Rick Hayes

-----Original Message-----
From: Lance Spitzner [mailto:lance (at) honeynet (dot) org [email concealed]]
Sent: Monday, May 19, 2003 11:23 PM
To: honeypots (at) securityfocus (dot) com [email concealed]
Subject: Moving forward with defintion of honeypots

In the past week we have received over thirty postings
about the definition of honeypots, each posting suggesting
a different defintion. I think we are all beginning to
realize just how tough it is to define this technology. Honeypots are an
extremely powerful tool that can accomplish many different things. Some
trends I've noticed.

First, many people are including the term 'decoy' in the
definition. While honeypots can 'decoy', I don't think
that should be in the definition. The term decoy implies
"to lure or entrap". Often honeypots don't lure. You just
put them out there and the bad guys find them on their own
intiative, nothing special is done to insare the attacker.
The Honeynet Project has being doing this for years now.

Second, many people are including in the definition how honeypots are
used to learn or research. Once again, while honeypots can do this,
they can do so much more. They
can be used for preventing attacks (such as LaBrea Tarpit)
or be used purely for detection similar to an IDS
system (such as Honeyd). We have to be very careful
in our defintion to ensure we do not imply why we would
want to use a honeypot.

Honeypots do not solve a specific problem, they are a
highly flexible tool with many different applications to security. This
is one of the things that makes honeypots unique.

Based on all the feedback we have been getting, I've
narrowed this down into two options.

Thoughts?

OPTION A
--------
"A honeypot is an information system resource who's
value lies in being probed, attacked, or compromised"

OPTION B
--------
"A honeypot is an information system resource who's
value lies in monitoring unauthorized or illicit use of
that resource"

--
Lance Spitzner
http://www.tracking-hackers.com

[ reply ]
Re: Moving forward with defintion of honeypots May 20 2003 02:36PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org) (1 replies)
Re: Moving forward with defintion of honeypots May 20 2003 04:52PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 02:24PM
Christian Kreibich (christian whoop org) (1 replies)
Re: Moving forward with defintion of honeypots May 21 2003 07:13AM
Perraju (perrajukv ideasp com)
RE: Moving forward with defintion of honeypots May 20 2003 02:08PM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 01:56PM
Christian Kreibich (christian whoop org)
Re: Moving forward with defintion of honeypots May 20 2003 01:46PM
Etaoin Shrdlu (shrdlu deaddrop org)







 

Privacy Statement
Copyright 2009, SecurityFocus