|
|
|
Online Security, a global provider of computer forensics and information technology risk mitigation since 1997
|
|
| |
iac flash: Business Assurance -- Honeypots & Honeynets
Author: Ed Appel
Business Assurance: Honeypots & Honeynets
Fact: Honeypots and honeynets are hardware or software systems designed to attract users acting illicitly, cyber decoys or booby traps on servers, PCs, switches or routers that divert those apparently intent on unauthorized access or use, and to monitor, identify, incriminate and discover their methodologies. Government and corporate IT security and law enforcement personnel use honeypots/nets against hackers and cyber criminal acts and to protect production networks. Some honeypots trace and collect user identities (e.g. investigators targeting financial crimes, child porn/exploitation, spammers, copyright violators and counterfeiters), while some research unauthorized use patterns.
Analysis: Privacy rights, entrapment and wiretap law limitations are currently subjects of legal discussion. Honeypot e-mail accounts by the thousands are being used to support anti-spam, anti-phishing and anti-cybercrime investigations. Future honeypots/nets are likely to divert snoopy users with apparently illicit intent to duplicate parallel programs or networks in academic, government/military or investigative (non-corporate) environments, where they can do less damage and may be identified for prosecution.
Comment: As investigative sophistication increases, honeypots are often a useful tool in network (live or nearly real-time) investigations, where identifying perpetrators is harder, and often beyond law enforcement or private investigators. Honeypots today provide early detection of widespread frauds such as spamming and phishing, and allow the predominantly private honeypot hosts a force multiplier, increasing the price of maintaining anonymity for the bad guys.
See: http://www.itsecurity.com/papers/cyberguard1.htm
http://www.honeypots.net
http://www.gcn.com/22_17/tech-report/22620-1.html
http://www.cnn.com/2001/TECH/internet/04/04/trap.a.thief.idg
http://www.ieee-security.org/Cipher/ConfReports/2004/CR2004-ACSAC.html
http://www.ieee-security.org/Cipher/ConfReports/2004/CR2004-ACSAC.html
|
|
|
