SecurityFocus

Moving forward with defintion of honeypots May 20 2003 03:23AM
Lance Spitzner (lance honeynet org) (17 replies)

Re: Moving forward with defintion of honeypots May 24 2003 04:47AM
Bill McCarty (bmccarty apu edu) (1 replies)

Re: Moving forward with defintion of honeypots May 24 2003 07:38PM
Scarecrow (scarecrow runeweaver com)

Honeypot Defintion - Almost There! May 23 2003 02:30PM
Lance Spitzner (lance honeynet org) (6 replies)

Re: Honeypot Defintion - Almost There! May 24 2003 02:29AM
Erik S. Johansen (security sperling no) (1 replies)

Re: Honeypot Defintion - Almost There! May 25 2003 12:27AM
Jon Price (jon nytimes com)

Re: Honeypot Defintion - Almost There! May 23 2003 03:58PM
Jack McCarthy (lists jackmccarthy com) (1 replies)

Re: Honeypot Defintion - Almost There! May 23 2003 05:24PM
Valdis Kletnieks vt edu

Re: Honeypot Defintion - Almost There! May 23 2003 03:37PM
Steve Barnet (barnet chem wisc edu)

Re: Honeypot Defintion - Almost There! May 23 2003 03:05PM
Marc Dacier (marc dacier eurecom fr) (2 replies)

RE: Honeypot Defintion - Almost There! May 23 2003 04:07PM
David Gillett (gillettdavid fhda edu)

Re: Honeypot Defintion - Almost There! May 23 2003 03:35PM
Valdis Kletnieks vt edu

Re: Honeypot Defintion - Almost There! May 23 2003 02:48PM
Volker Tanger (volker tanger discon de) (1 replies)

Re: Honeypot Defintion - Almost There! May 23 2003 03:28PM
Tora (tagetora users sourceforge net)

Re: Honeypot Defintion - Almost There! May 23 2003 02:40PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org)

Re: Moving forward with defintion of honeypots May 21 2003 06:36PM
Chris Burton (cyberhiker99 yahoo com)

I have waited a while before I weighed in on the
subject because I wanted to try and be convinced by
some of the discussion.

I like Option A the best.

It is the easiest to sell to someone (management,
client, etc.). And it offers a great amount of
latitude in how the final system will result. It is
simple, elegant, and can be comprehended by most
people who will end up caring about results and
success in the end.

Thanks for starting an interesting discussion.

Regards,
Chris

--- Lance Spitzner <lance (at) honeynet (dot) org [email concealed]> wrote:
> In the past week we have received over thirty
> postings
> about the definition of honeypots, each posting
> suggesting
> a different defintion. I think we are all beginning
> to
> realize just how tough it is to define this
> technology.
> Honeypots are an extremely powerful tool that can
> accomplish many different things. Some trends I've
> noticed.
>
> First, many people are including the term 'decoy' in
> the
> definition. While honeypots can 'decoy', I don't
> think
> that should be in the definition. The term decoy
> implies
> "to lure or entrap". Often honeypots don't lure.
> You just
> put them out there and the bad guys find them on
> their own
> intiative, nothing special is done to insare the
> attacker.
> The Honeynet Project has being doing this for years
> now.
>
> Second, many people are including in the definition
> how
> honeypots are used to learn or research. Once
> again, while
> honeypots can do this, they can do so much more.
> They
> can be used for preventing attacks (such as LaBrea
> Tarpit)
> or be used purely for detection similar to an IDS
> system (such as Honeyd). We have to be very careful
> in our defintion to ensure we do not imply why we
> would
> want to use a honeypot.
>
> Honeypots do not solve a specific problem, they are
> a
> highly flexible tool with many different
> applications to
> security. This is one of the things that makes
> honeypots
> unique.
>
> Based on all the feedback we have been getting, I've
>
> narrowed this down into two options.
>
> Thoughts?
>
>
> OPTION A
> --------
> "A honeypot is an information system resource
> who's
> value lies in being probed, attacked, or
> compromised"
>
>
> OPTION B
> --------
> "A honeypot is an information system resource
> who's
> value lies in monitoring unauthorized or illicit
> use of
> that resource"
>
>
> --
> Lance Spitzner
> http://www.tracking-hackers.com
>
>
>

__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com

[ reply ]

RE: Moving forward with defintion of honeypots May 21 2003 08:37AM
Fabien Pouget (Fabien Pouget eurecom fr)

Re: Moving forward with defintion of honeypots May 21 2003 01:22AM
Per Gustav Ousdal (pgo-ml ousdal com)

Re: Moving forward with defintion of honeypots May 20 2003 09:37PM
Graeme Thompson (gdthompson optushome com au)

Re: Moving forward with defintion of honeypots May 20 2003 07:56PM
David Goldsmith (dgoldsmith sans org)

Re: Moving forward with defintion of honeypots May 20 2003 05:49PM
Richard H. Cotterell (seec mail retina ar)

Re: Moving forward with defintion of honeypots May 20 2003 05:06PM
Jeremy Bennett (jeremy_f_bennett yahoo com)

Re: Moving forward with defintion of honeypots May 20 2003 03:37PM
Bernie, CTA (cta hcsin net) (1 replies)

RE: Moving forward with defintion of honeypots May 21 2003 04:38AM
John McCracken (john mccrackenassociates com)

Re: Moving forward with defintion of honeypots May 20 2003 03:30PM
Harish Pillay (harish maringotree com)

RE: Moving forward with defintion of honeypots May 20 2003 02:46PM
Rick Hayes (rhayes vicor com)

Re: Moving forward with defintion of honeypots May 20 2003 02:36PM
Richard La Bella \(Florida Honeynet\) (richard sfhn org) (1 replies)

Re: Moving forward with defintion of honeypots May 20 2003 04:52PM
Jeremy Bennett (jeremy_f_bennett yahoo com)

Re: Moving forward with defintion of honeypots May 20 2003 02:24PM
Christian Kreibich (christian whoop org) (1 replies)

Re: Moving forward with defintion of honeypots May 21 2003 07:13AM
Perraju (perrajukv ideasp com)

RE: Moving forward with defintion of honeypots May 20 2003 02:08PM
John McCracken (john mccrackenassociates com)

Re: Moving forward with defintion of honeypots May 20 2003 01:56PM
Christian Kreibich (christian whoop org)

Re: Moving forward with defintion of honeypots May 20 2003 01:46PM
Etaoin Shrdlu (shrdlu deaddrop org)