Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Honeypots
Moving forward with defintion of honeypots May 20 2003 03:23AM
Lance Spitzner (lance honeynet org) (17 replies)
Re: Moving forward with defintion of honeypots May 24 2003 04:47AM
Bill McCarty (bmccarty apu edu) (1 replies)
Re: Moving forward with defintion of honeypots May 24 2003 07:38PM
Scarecrow (scarecrow runeweaver com)
Honeypot Defintion - Almost There! May 23 2003 02:30PM
Lance Spitzner (lance honeynet org) (6 replies)
Re: Honeypot Defintion - Almost There! May 24 2003 02:29AM
Erik S. Johansen (security sperling no) (1 replies)
Re: Honeypot Defintion - Almost There! May 25 2003 12:27AM
Jon Price (jon nytimes com)
Re: Honeypot Defintion - Almost There! May 23 2003 03:58PM
Jack McCarthy (lists jackmccarthy com) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 05:24PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 03:37PM
Steve Barnet (barnet chem wisc edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:05PM
Marc Dacier (marc dacier eurecom fr) (2 replies)
RE: Honeypot Defintion - Almost There! May 23 2003 04:07PM
David Gillett (gillettdavid fhda edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:35PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 02:48PM
Volker Tanger (volker tanger discon de) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 03:28PM
Tora (tagetora users sourceforge net)
Re: Honeypot Defintion - Almost There! May 23 2003 02:40PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org)
Re: Moving forward with defintion of honeypots May 21 2003 06:36PM
Chris Burton (cyberhiker99 yahoo com)
RE: Moving forward with defintion of honeypots May 21 2003 08:37AM
Fabien Pouget (Fabien Pouget eurecom fr)
Re: Moving forward with defintion of honeypots May 21 2003 01:22AM
Per Gustav Ousdal (pgo-ml ousdal com)
Re: Moving forward with defintion of honeypots May 20 2003 09:37PM
Graeme Thompson (gdthompson optushome com au)
Re: Moving forward with defintion of honeypots May 20 2003 07:56PM
David Goldsmith (dgoldsmith sans org)
Re: Moving forward with defintion of honeypots May 20 2003 05:49PM
Richard H. Cotterell (seec mail retina ar)
Re: Moving forward with defintion of honeypots May 20 2003 05:06PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 03:37PM
Bernie, CTA (cta hcsin net) (1 replies)
I would agree with mix / mod of Option A and B. However, I
believe that we should add the word security to the definition
in order to satisfy legal use or intent, and potential privacy
violation issues.

Considering that in most current Honeypot (decoy)
deployment topologies Users with honest intent may
unknowingly land upon the gates of a honeypot while
expecting privacy of their activities to be maintained, there
may be a risk of running afoul of certain privacy,
eavesdropping, wiretapping laws.

That is, directly monitoring/recording an individual's actions
without their permission could generally be considered
eavesdropping or wiretapping (at least here in the USA),
unless such monitoring/recording is performed by law
enforcement with a valid COURT ORDER, or unless such
monitoring/recording is performed as to protect the system
from unauthorized use and to ensure that the system is
functioning properly.

Furthermore, using a honeypot as a general decoy and
eavesdropping resource, may provide grounds for entrapment.

Therefore, I would suggest the a mix of A and B as follows:

"A honeypot is an information system security resource
whose value lies in being probed, attacked, or compromised,
which may contribute to the monitoring of unauthorized or
illicit use of that resource"

On 19 May 2003, at 22:23, Lance Spitzner wrote:
>...
> Honeypots do not solve a specific problem, they are a
> highly flexible tool with many different applications to
> security. This is one of the things that makes honeypots
> unique.
>
> Based on all the feedback we have been getting, I've
> narrowed this down into two options.
>
> Thoughts?
>
>
> OPTION A
> --------
> "A honeypot is an information system resource who's
> value lies in being probed, attacked, or compromised"
>
>
> OPTION B
> --------
> "A honeypot is an information system resource who's
> value lies in monitoring unauthorized or illicit use of
> that resource"
>

-
****************************************************
Bernie
Chief Technology Architect
Chief Security Officer
cta (at) hcsin (dot) net [email concealed]
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go
// to avoid the pure labor of honest thinking."
// Honest thought, the real business capital.
// Observe> Think> Plan> Think> Do> Think>
*******************************************************

[ reply ]
RE: Moving forward with defintion of honeypots May 21 2003 04:38AM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 03:30PM
Harish Pillay (harish maringotree com)
RE: Moving forward with defintion of honeypots May 20 2003 02:46PM
Rick Hayes (rhayes vicor com)
Re: Moving forward with defintion of honeypots May 20 2003 02:36PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org) (1 replies)
Re: Moving forward with defintion of honeypots May 20 2003 04:52PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 02:24PM
Christian Kreibich (christian whoop org) (1 replies)
Re: Moving forward with defintion of honeypots May 21 2003 07:13AM
Perraju (perrajukv ideasp com)
RE: Moving forward with defintion of honeypots May 20 2003 02:08PM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 01:56PM
Christian Kreibich (christian whoop org)
Re: Moving forward with defintion of honeypots May 20 2003 01:46PM
Etaoin Shrdlu (shrdlu deaddrop org)







 

Privacy Statement
Copyright 2009, SecurityFocus