Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Need your helping defining honeypots

From: Sergio Pozo Hidalgo <sergio () lsi us es>
Date: Mon, 19 May 2003 10:46:48 +0200
Andy Cuff [talisker] wrote:

Hi Lance
My preference is to the latter, though I do prefer Davide's version:

"A honeypot is a security resource used to monitor, log, and study the
actions of unauthorized entities which probe, attack or compromise it."

Matt Fisher introduces the term decoy which is especially pertinent to
development honeypots, perhaps this could be used instead of resource.
Whilst we are discussing definitions is there a better term for development
honeypots?


Hi all,
I have a combination of Lance, Ed Shirey, Matt Fisher, Davide Del Vecchio and your definition (please excuse me if I've forgotten someone):
"A honeypot is a computer security resource (a decoy) used to monitor, log, and study (for whatever purpose) the actions and consequences of entities which probe, attack or compromise that resource."
I have suppressed the term "unauthorized entitites" because the entities that probe, attack or compromise the honey* are suspicious by definition, so I think it's redundant in the definition. I've also introduced the term 'decoy' because I think that it says a lot of things with only that 'magical' word. 

Regards,
--
                 Sergio Pozo Hidalgo <sergiopozo () us es>
               Quivir Group <http://www.lsi.us.es/~iq2cp/>
              Department of Languages and Computer Systems
                     University of Seville (Spain)
         PGP Key http://www.rediris.es/cert/servicios/keyserver/

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: