Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: morning_wood should stop posting xss

From: Ron DuFresne <dufresne () winternet com>
Date: Fri, 25 Jul 2003 09:24:46 -0500 (CDT)



Point of order: To be a honeypot the vulnerability would have
to be on a system that served no other purpose, despite what
ISS would have you believe.



        [SNIP]



Consider then the concept of a 'Honey Token'
http://securityfocus.com/infocus/1713




Yet, the article states that these are more of a 'insider threat'
monitoring tool.  Few if any honeytokens would probably ever be exposed to
the internet at large.


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: