Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Honeypots
- To: tlug@example.com
- Subject: Re: [tlug] Honeypots
- From: Matt Doughty <mdoughty@example.com>
- Date: Thu, 11 Apr 2002 18:17:53 +0900
- Content-disposition: inline
- Content-transfer-encoding: 7bit
- Content-type: text/plain; charset=us-ascii
- In-reply-to: <200204110847.g3B8lb714329@example.com>; from wileyc@example.com on Thu, Apr 11, 2002 at 05:47:38PM +0900
- Mail-followup-to: Matt Doughty <mdoughty@example.com>, tlug@example.com
- References: <200204110847.g3B8lb714329@example.com>
- User-agent: Mutt/1.2.4i-jp0
On Thu, Apr 11, 2002 at 05:47:38PM +0900, Christopher SEKIYA wrote: > > The author says "if you have an insecure system it will be compromised" > > ... > > > My Redhat 6.2 server Honeypot was compromised > > ... and we are surprised why? surprised? Anyone worth their salt shouldn't be surprised but speaking honestly I know alot of people who are supposedly compentent enough to run systems are surprised. If they weren't and people were really clued in then security would not be the messy problem that it is today. Still no one should be surprised. > > If one deploys a machine with a direct (i.e., non-port-filtered) connection to the > outside world without first locking it down, it _will_ be compromised. Especially if > it is a RedHat box -- more rootkits for RH flavours than any other UNIX. Yep. The scary thing is he asked a coworker, who was apparently a *nix user, for a copy of RH, and the guy gave him 6.2. I know its security is sieve like but I wonder how many people just hear Linux is more secure than windows and just assumes its safe. The whole "lock down your systems and learn about security" mantra can't be repeated enough. I like things, even oddities like honey pots, that bring attention to how serious security issues are with hard numbers. I have met people[1] who think security breakins only happen to big companies or well known sites. They need to be bludgeoned with a clue by fore, and this is just the sort of thing that will bring the message home[2]. > > I'm not convinced of the utility of a honeypot. Reminds me of a bit that Robin > Williams did at the Met: "it won't stop 'em, but it sure as hell will amuse them for > awhile". > I have the feeling that people who setup honey pots are almost like those people on the wildlife shows[3] that go out tranquilize the animals, tag them, and let them go. They think they are studying some sort of animal. They let them into the their cage watch 'em thrash around for a bit and let 'em go. I don't think many of them are nearly as interested in improving security as they are in 'understanding how these hackers think'. Definitely a waste of time in many respects but atleast it can make an interesting read when your bored. --Matt
- Follow-Ups:
- Re: [tlug] Honeypots
- From: Stephen J. Turnbull
- Re: [tlug] Honeypots
- From: Jack Morgan
- Re: [tlug] Honeypots
- References:
- Re: [tlug] Honeypots
- From: Christopher SEKIYA
- Re: [tlug] Honeypots
- Prev by Date: Re: [tlug] Honeypots
- Next by Date: Re: [tlug] Honeypots
- Previous by thread: Re: [tlug] Honeypots
- Next by thread: Re: [tlug] Honeypots
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |