Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Honeypots
Moving forward with defintion of honeypots May 20 2003 03:23AM
Lance Spitzner (lance honeynet org) (17 replies)
Re: Moving forward with defintion of honeypots May 24 2003 04:47AM
Bill McCarty (bmccarty apu edu) (1 replies)
Re: Moving forward with defintion of honeypots May 24 2003 07:38PM
Scarecrow (scarecrow runeweaver com)
Honeypot Defintion - Almost There! May 23 2003 02:30PM
Lance Spitzner (lance honeynet org) (6 replies)
Re: Honeypot Defintion - Almost There! May 24 2003 02:29AM
Erik S. Johansen (security sperling no) (1 replies)
Re: Honeypot Defintion - Almost There! May 25 2003 12:27AM
Jon Price (jon nytimes com)
Re: Honeypot Defintion - Almost There! May 23 2003 03:58PM
Jack McCarthy (lists jackmccarthy com) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 05:24PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 03:37PM
Steve Barnet (barnet chem wisc edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:05PM
Marc Dacier (marc dacier eurecom fr) (2 replies)
RE: Honeypot Defintion - Almost There! May 23 2003 04:07PM
David Gillett (gillettdavid fhda edu)
Re: Honeypot Defintion - Almost There! May 23 2003 03:35PM
Valdis Kletnieks vt edu
Re: Honeypot Defintion - Almost There! May 23 2003 02:48PM
Volker Tanger (volker tanger discon de) (1 replies)
Re: Honeypot Defintion - Almost There! May 23 2003 03:28PM
Tora (tagetora users sourceforge net)
Re: Honeypot Defintion - Almost There! May 23 2003 02:40PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org)
Re: Moving forward with defintion of honeypots May 21 2003 06:36PM
Chris Burton (cyberhiker99 yahoo com)
RE: Moving forward with defintion of honeypots May 21 2003 08:37AM
Fabien Pouget (Fabien Pouget eurecom fr)
Re: Moving forward with defintion of honeypots May 21 2003 01:22AM
Per Gustav Ousdal (pgo-ml ousdal com)
Re: Moving forward with defintion of honeypots May 20 2003 09:37PM
Graeme Thompson (gdthompson optushome com au)
Re: Moving forward with defintion of honeypots May 20 2003 07:56PM
David Goldsmith (dgoldsmith sans org)
Re: Moving forward with defintion of honeypots May 20 2003 05:49PM
Richard H. Cotterell (seec mail retina ar)
Re: Moving forward with defintion of honeypots May 20 2003 05:06PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 03:37PM
Bernie, CTA (cta hcsin net) (1 replies)
RE: Moving forward with defintion of honeypots May 21 2003 04:38AM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 03:30PM
Harish Pillay (harish maringotree com)
RE: Moving forward with defintion of honeypots May 20 2003 02:46PM
Rick Hayes (rhayes vicor com)
Re: Moving forward with defintion of honeypots May 20 2003 02:36PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org) (1 replies)
Re: Moving forward with defintion of honeypots May 20 2003 04:52PM
Jeremy Bennett (jeremy_f_bennett yahoo com)
Re: Moving forward with defintion of honeypots May 20 2003 02:24PM
Christian Kreibich (christian whoop org) (1 replies)
Re: Moving forward with defintion of honeypots May 21 2003 07:13AM
Perraju (perrajukv ideasp com)
I prefer Both.

Perraju
----- Original Message -----
From: "Christian Kreibich" <christian (at) whoop (dot) org [email concealed]>
To: "Honeypots List" <honeypots (at) securityfocus (dot) com [email concealed]>
Sent: Tuesday, May 20, 2003 7:54 PM
Subject: Re: Moving forward with defintion of honeypots

> On Tue, 2003-05-20 at 04:23, Lance Spitzner wrote:
> >
> > First, many people are including the term 'decoy' in the
> > definition. While honeypots can 'decoy', I don't think
> > that should be in the definition. The term decoy implies
> > "to lure or entrap". Often honeypots don't lure. You just
> > put them out there and the bad guys find them on their own
> > intiative, nothing special is done to insare the attacker.
> > The Honeynet Project has being doing this for years now.
>
> Mhmm I think this is difficult to put concisely. Basically you want to
> define something like a mousetrap without cheese -- the only thing I can
> think of that does something like that in the real world is a minefield.
>
> > Second, many people are including in the definition how
> > honeypots are used to learn or research. Once again, while
> > honeypots can do this, they can do so much more. They
> > can be used for preventing attacks (such as LaBrea Tarpit)
> > or be used purely for detection similar to an IDS
> > system (such as Honeyd). We have to be very careful
> > in our defintion to ensure we do not imply why we would
> > want to use a honeypot.
>
> I fully agree with this -- it's the old mechanism versus policy argument
> I guess.
>
> > Based on all the feedback we have been getting, I've
> > narrowed this down into two options.
> >
> > Thoughts?
> >
> >
> > OPTION A
> > --------
> > "A honeypot is an information system resource who's
> > value lies in being probed, attacked, or compromised"
> >
> >
> > OPTION B
> > --------
> > "A honeypot is an information system resource who's
> > value lies in monitoring unauthorized or illicit use of
> > that resource"
>
> Among those I still prefer the first one. Actually if you just drop
> "decoy" from my attempt I still like it:
>
> "A honeypot is an information system resource set up for the purpose of
> monitoring and logging the activities of entities that probe, attack or
> compromise it."
>
> Cheers,
> Christian.
> --
> ________________________________________________________________________

> http://www.whoop.org

[ reply ]
RE: Moving forward with defintion of honeypots May 20 2003 02:08PM
John McCracken (john mccrackenassociates com)
Re: Moving forward with defintion of honeypots May 20 2003 01:56PM
Christian Kreibich (christian whoop org)
Re: Moving forward with defintion of honeypots May 20 2003 01:46PM
Etaoin Shrdlu (shrdlu deaddrop org)







 

Privacy Statement
Copyright 2009, SecurityFocus