funsec mailing list archives

Thinking out loud: On the value of honeynets, trojans, botnets, etc.

From: "Fergie" <fergdawg () netzero net>
Date: Sat, 3 Jun 2006 02:01:08 GMT

Just tossing some thoughts around earlier this evening.

Would appreciate some feedback.

How valuable, would you say, are honeynets now that most
malware/crimeware seems to trojan downloader backdoor droppers
that are "dropped" due to user activation (e.g. clicking on a
link in an e-card), as opposed to trojan backdoors that are
dropped via an OS exploit?

Think about that for a moment.

Serious feedback appreciated,

- ferg

p.s. This is _not_ to question the value of honeynets, per se,
but more appropriately, to examine methodology in a broader
context given the change in attack vector(s).

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Thinking out loud: On the value of honeynets, trojans, botnets, etc. Fergie (Jun 02)
- Re: Thinking out loud: On the value of honeynets, trojans, botnets, etc. Nick FitzGerald (Jun 02)
- Re: Thinking out loud: On the value of honeynets, trojans, botnets, etc. Robert (Jun 13)