Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- honeypot ?
May 11, 2004, 6:12 am
rate this thread
my superior has suggested that if there are suspicious activities
going on our webserver and that patterns show that someone is trying
to hack our webserver,
we can redirect that traffic to a honeypot ( which is a mirror of our
webserveR ) as a measure to thwart the hacker attempt.
Would this be possible?? How easy is it to configure one such
Re: honeypot ?
A honeypot/honeynet is simply a system/network that has been
purposefully left vulnerable...the savvy network admin is simply
dangling this carrot in front of a hacker's face in the hope that they
choose to investigate that network instead of their own. You can read
about this ad nauseum at http://project.honeynet.org/misc/project.html .
I think this is a labour intense means of achieving little in the way
of security. Instead, think defense in depth...use host and network IDS,
firewalls and logging. Make sure your server sare patched and conduct
regular audits. Unfortunately there is no simple solution to this problem.
- » Getting rid of a spyware program called "Once Dead"
- — Previous thread in » General Computer Security