Penetration Testing mailing list archives
RE: honeypot in conjunction with pen test?
From: "Aleksander P. Czarnowski" <alekc () avet com pl>
Date: Wed, 5 Jun 2002 18:15:21 +0200
I don't believe that installing honeypots before pen-test is a really good idea. If you consider just technological issues the honeypots don't proof anything during pen-tests (I assume that the pentester is a pro): many methodologies adjust to specific situation so at the end different tools would be used against your honeypot and other parts of the system. On could argue that it is possible to sniff all of pen-tester traffic to verify what tests he really performed, but it in almost every case it is just a waste of your time (unless you like strange learning approaches). It also takes time and other resources to install before test and remove honeypot after them. During this process you can unintentionally modify state of your system so at the end pen-test results won't reflect current system state. Honeypot can also attract real attackers and it could lead to several consequences. One of them is interference with pen-tests. Just my 2 cents, Best Regards, Aleksander Czarnowski AVET INS ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- RE: honeypot in conjunction with pen test? Aleksander P. Czarnowski (Jun 05)
- <Possible follow-ups>
- RE: honeypot in conjunction with pen test? Javier Fernandez-Sanguino Pena (Jun 06)
- Re: honeypot in conjunction with pen test? Bennett Todd (Jun 06)
- Re: honeypot in conjunction with pen test? Mike Riley (Jun 06)
- Re: honeypot in conjunction with pen test? Mark Tinberg (Jun 07)
- Re: honeypot in conjunction with pen test? Daniel Polombo (Jun 07)
- honeypot in conjunction with pen test? Javier Fernandez-Sanguino Pena (Jun 18)
- Re: honeypot in conjunction with pen test? Alex Russell (Jun 19)
- RE: honeypot in conjunction with pen test? Woody Weaver (Jun 19)