Honeypots mailing list archives
Re: Honeytokens and detection
From: Brian Hatch <honeypots () ifokr org>
Date: Thu, 3 Apr 2003 16:05:54 -0800
What would be even better is if the IRS or some credit card companies could post or distribute such honeytoken numbers, so we within the security community are certain we are not implanting valid numbers.
You can easily create bogus credit card numbers, since they use a check digit to be sure that it's valid. The first relevant page I found via google describes the check digit algorithms, and proper format (prefix/length) of the numbers for various credit card companies, so generating a number that looked good should be pretty easy. However the easiest is probably to just take a hundred credit card numbers that you already have stored, and add 1 to one of the middle digits at random. It's guarenteed to break the check digit algorithm, but other than that it looks fine, with no need to actually generate them. -- Brian Hatch "In five minutes we're Systems and going to take a nap." Security Engineer -- Bri http://www.ifokr.org/bri/ "No! Ten Minutes!" -- Reegen, age 21 months. Every message PGP signed
Attachment:
_bin
Description:
Current thread:
- Honeytokens and detection Lance Spitzner (Apr 03)
- Re: Honeytokens and detection Bram Matthys (Syzop) (Apr 03)
- Re: Honeytokens and detection Brian Hatch (Apr 03)
- Re: Honeytokens and detection Jeremy Bennett (Apr 03)
- Re: Honeytokens and detection Brian Hatch (Apr 03)
- Re: Honeytokens and detection Jeremy Bennett (Apr 03)
- Re: Honeytokens and detection Bojan Zdrnja (Apr 03)
- RE: Honeytokens and detection Andrew Hintz (Drew) (Apr 04)
- <Possible follow-ups>
- RE: Honeytokens and detection Beau Monday (Apr 03)
- RE: Honeytokens and detection LAVELLE,MICHAEL (HP-PaloAlto,ex1) (Apr 04)
- RE: Honeytokens and detection Glenn_Everhart (Apr 04)
- Re: Honeytokens and detection george chamales (Apr 04)
- Re[2]: Honeytokens and detection Bojan Zdrnja (Apr 05)
- Re: Honeytokens and detection andre (Apr 05)
- Re[2]: Honeytokens and detection Bojan Zdrnja (Apr 05)
(Thread continues...)