Honeypots
Few questions about sp800-31 Nov 27 2006 01:27PM
Kuznetsov A.N. (pm_kan mail ru) (1 replies)
Hi list,
recently I have read sp800-31(NIST Special Publication on Intrusion Detection
System) and have some questions about it.

On page 28 they wrote about disadvantages of Honey Pots and Padded Cells
- The legal implications of using such devices are not well defined
What kind of problems with law can any have when using Honey Pot or Padded Cell?
The best thing I can guess that it can be some problems if IDS redirect legal
user to Padded Cell and he get wrong info.
- An expert attacker, once diverted into a decoy system, may become angry and
launch a more hostile attack against an organization?s systems.
How such sentences can be in official documents? Thinking in such way we should
disable all security mechanisms in order to not make attacker angry.

Sorry for my English^)
--
Best regards,
Kuznetsov Andrey pm_kan (at) mail (dot) ru [email concealed]

[ reply ]
Re: Few questions about sp800-31 Nov 27 2006 09:07PM
Valdis Kletnieks vt edu


 

Privacy Statement
Copyright 2010, SecurityFocus