Re: Moving forward with defintion of honeypots

["Bernie, CTA" <cta () hcsin net>]

I would agree with mix / mod of Option A and B. However, I 
believe that we should add the word security to the definition 
in order to satisfy legal use or intent, and potential privacy 
violation issues. 

Considering that in most current Honeypot (decoy) 
deployment topologies Users with honest intent may 
unknowingly land upon the gates of a honeypot while 
expecting privacy of their activities to be maintained, there 
may be a risk of running afoul of certain privacy, 
eavesdropping, wiretapping laws. 

That is, directly monitoring/recording an individual's actions 
without their permission could generally be considered 
eavesdropping or wiretapping (at least here in the USA), 
unless such monitoring/recording is performed by law 
enforcement with a valid COURT ORDER, or unless such 
monitoring/recording is performed as to protect the system 
from unauthorized use and to ensure that the system is 
functioning properly.

Furthermore, using a honeypot as a general decoy and 
eavesdropping resource, may provide grounds for entrapment. 

Therefore, I would suggest the a mix of A and B as follows:

"A honeypot is an information system security resource 
whose value lies in being probed, attacked, or compromised, 
which may contribute to the monitoring of unauthorized or 
illicit use of that resource"


On 19 May 2003, at 22:23, Lance Spitzner wrote:
> ...
> Honeypots do not solve a specific problem, they are a 
> highly flexible tool with many different applications to
> security.  This is one of the things that makes honeypots
> unique.
>
> Based on all the feedback we have been getting, I've 
> narrowed this down into two options.
>
> Thoughts?
>
>
> OPTION A
> --------
>   "A honeypot is an information system resource who's
>    value lies in being probed, attacked, or compromised"
>
>
> OPTION B
> -------- 
>   "A honeypot is an information system resource who's
>    value lies in monitoring unauthorized or illicit use of 
>    that resource"

-
****************************************************
Bernie 
Chief Technology Architect
Chief Security Officer
cta () hcsin net
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go 
//    to avoid the pure labor of honest thinking."   
//     Honest thought, the real business capital.    
//      Observe> Think> Plan> Think> Do> Think>      
*******************************************************