Back to list
RE: Looking for Honeypots???
Apr 06 2006 02:09AM
Roger A. Grimes (roger banneretcs com)
I run 8 honeypots, and have for years. I've not seen this. There maybe some specific targeted firms (i.e. av firms, Microsoft, etc.) and some occasional honeypot identifications made by honeypot-aware hackers, but its far from mainstream.
Criminal hackers are stealing millions of dollars every day...their current methods are working just fine. The idea that they actually need an offensive strategy is almost laughable. Computer crime is on an incredible rise this year...and it isn't because they are taking down honeypots. Article fodder for a gullible reporter. For heaven's sake, the first article mentioned that some malware programs are actually disabling antivirus mechanisms as if it was news.
From: David Jiménez Domínguez [mailto:djdsecurity (at) gmail (dot) com [email concealed]]
Sent: Wednesday, April 05, 2006 6:50 PM
To: honeypots (at) securityfocus (dot) com [email concealed]
Subject: Looking for Honeypots???
Yesterday ZDnet issued a note  about cybercriminals looking for antivirus firm's honeypots in order to launch attacks against them, specially those for malware collection. I've read some docs about the same topic  some days ago...
Have yout ever seen something like that within your honeynets?
I think one of the reasons of this actions is to stop the botnet hunting and botnet hijacking, not to be aware if they are being watched mainly...
What do you thing??
[ reply ]
Copyright 2010, SecurityFocus