Honeypots mailing list archives
Re: SecurityFocus new honeypot article announcement
From: oudot laurent <oudot () rstack org>
Date: Tue, 28 Oct 2003 07:26:29 +0100
Michael Sierchio a écrit:
oudot laurent wrote:The article might have sounded better informed if it understood the distinction between honeypot and tarpit.Do you mean that we should not talk about tarpits downto the honeypots community ??I think I was expressing my desire for more beef,
greedy man :-)
obviously not appropriate to the "executive summary" or "Readers Digest" version, sorry. Context, I try to remind myself, context... A very simple elucidation, though -- tarpits are devised specifically to slow down an attack by crafted protocol tricks (rapidly decreasing window size, etc.) and honeypots are designed to provide an environment to observe them by posing as attractive targets.
I totally agree with you, but notice that both technologies converge. Devels from Honeyd or KFSensor (for example) are working hard to integrate tarpiting capabilities into honeypots.
Though they have not the same goal, they both fool evil hackers or worms, with their own means. That's an explanation of this tendency.
See you, laurent
Current thread:
- SecurityFocus new honeypot article announcement Lance Spitzner (Oct 23)
- Re: SecurityFocus new honeypot article announcement Michael Sierchio (Oct 24)
- Re: SecurityFocus new honeypot article announcement oudot laurent (Oct 27)
- Re: SecurityFocus new honeypot article announcement Michael Sierchio (Oct 27)
- Re: SecurityFocus new honeypot article announcement oudot laurent (Oct 28)
- Re: SecurityFocus new honeypot article announcement Lance Spitzner (Oct 28)
- Re: SecurityFocus new honeypot article announcement oudot laurent (Oct 27)
- Re: SecurityFocus new honeypot article announcement Michael Sierchio (Oct 24)
- <Possible follow-ups>
- Re: SecurityFocus new honeypot article announcement bp1974 (Oct 30)