Re: [tlug] Honeypots

[ayako kato <ayako.kato@example.com>]

On Thu, 11 Apr 2002, Jack Morgan wrote:

> On Thu, Apr 11, 2002 at 06:17:53PM +0900, Matt Doughty wrote:
> > On Thu, Apr 11, 2002 at 05:47:38PM +0900, Christopher SEKIYA wrote:
> > > I'm not convinced of the utility of a honeypot.  Reminds me of a bit
> > > that Robin Williams did at the Met: "it won't stop 'em, but it sure as
> > > hell will amuse them for awhile".
> >
> > I don't think many of them are nearly as interested in improving security
> > as they are in 'understanding how these hackers think'.  Definitely
> > a waste of time in many respects but at least it can make an interesting
> > read when your bored.
>
> I had a read through The Honeynet Project[1]. It was interesting. More of a
> research/information gathering type situation. Not really intended as a security
> measure. The requirements[2] for participation seemed strict.

I'd be surprised if anyone thinks a honeypot is meant to be a security
measure. It's so obviously a research project.  The kind of thing you do
if you have copious amount of free time, energy, curiosity and enough
hardware.

I think the Honeynet project is worthwhile though.  Their papers are so
detailed and compelling, and it does a good job educating IT people.  I
don't think it's a waste of time to learn about how (a fraction of) those
script kiddies think and act.  In fact I think it's really cool that I get
to take a look at things from the other side ..... kind of a behavioural
study ...  (but maybe it's just me, maybe I'm interested in that stuff
more than real techie people do because I was a sociology major)

p.s.
is gpg really affected by the birthday problem ? anyone got pointers or
references?
---------------------
GPG key ID:  560171E9
2036 426F 1009 A596 81E4 4DE7 851D 611A 5601 71E9