Security Basics mailing list archives
Re: Intro To Hacking
From: Miles Stevenson <miles () mstevenson org>
Date: Mon, 18 Oct 2004 16:04:02 -0400
On Monday 18 October 2004 03:45 pm, Jonathan Loh wrote:
With that said. How did you build your first honeypot then? Were you not a beginner? There are different types of beginners here. One that has training and one that does not. Think about it how does anyone build anything? If everyone took your approach we'd be back in the stone ages! Everyone has to start somewhere.
Please take my response to this in the good spirit in which it is intended: to correct the errors you made in your criticisms. This is not a flame, which would be inappropriate (and I think the moderator would agree). This is irrational. I think you are coming to this conclusion because you are defining "advanced" security professionals (as I called them in my post), as those who already know a great deal about honeypots and have experience using them. I use the term advanced in the context applied to the general area of security which is exactly the way I said it: "advanced security researchers" (applied to the general area of security). In other words, people new to information security should NOT be operating honeypots. First, they should be working on other necessary skills such as firewalls, intrusion detection, system hardening, etc, etc. Those who have those necessary skills and experience in practicing them, are much better prepared to deal with the delicate process of observing attackers while preventing them from attacking others. So back to your question: "How did you build your first honeypot then?" I first did a lot of research on the subject and attended a SANS lecture by Lance Spitzner of the Honeynet project. I then applied my previous 4 years of professional security experience and combined that with the research that I did on honeypots BEFORE attempting to operate one. As far as my response to your other comment: "If everyone took your approach, we'd be back in the stone ages!" This also demonstrates a lack of rational thought. Man first had to learn to create fire before he could build electric generators. This is the same concept in all fields of knowledge: you must learn the fundamental concepts before you learn the advanced ones which rely on those fundamentals. Any further questions I can help you with? -- Miles Stevenson miles () mstevenson org PGP FP: 035F 7D40 44A9 28FA 7453 BDF4 329F 889D 767D 2F63
Attachment:
_bin
Description:
Current thread:
- Intro To Hacking Jason Dusek (Oct 15)
- Re: Intro To Hacking Miles Stevenson (Oct 18)
- Re: Intro To Hacking Jonathan Loh (Oct 19)
- Re: Intro To Hacking Miles Stevenson (Oct 19)
- Re: Intro To Hacking Jonathan Loh (Oct 19)
- Re: Intro To Hacking VHP3 (Oct 18)
- Re: Intro To Hacking Greg Tracy (Oct 18)
- Re: Intro To Hacking Barrie Dempster (Oct 19)
- Re: Intro To Hacking Micheal Espinola Jr (Oct 18)
- Re: Intro To Hacking Greg Tracy (Oct 18)
- Re: Intro To Hacking Jon Lawhead (Oct 18)
- Re: Intro To Hacking xyberpix (Oct 20)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re: Intro To Hacking Jason Dusek (Oct 18)
- Re: Intro To Hacking Andrew Smith (Oct 18)
- Re[2]: Intro To Hacking Jeffrey S. Sims (Oct 20)
- Re: Intro To Hacking Jason Dusek (Oct 18)
(Thread continues...)
- Re: Intro To Hacking Miles Stevenson (Oct 18)