Honeypots mailing list archives
RE: newbie Re: Honeypots: Uses and Features
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Mon, 16 Jun 2003 08:46:25 +1200
-----Original Message----- From: Sydney Grenzebach [mailto:sydney () sydcom de] Sent: Sunday, 15 June 2003 6:01 p.m. To: honeypots () securityfocus com Subject: newbie Re: Honeypots: Uses and Features Hi All, I have a question to the thread, whilst reading the comments I was wondering if anyone had seen the Honeypots being used to detect an attack which was previously unknown.
A lot of pretty famous security companies actively use honeypots to get information about actual and possibly new attack patterns. Probably the best example is Digital Defense's honeypot which, back in april, detected a previously unknown attack on samba. You can find more info about this case at the following URL: http://news.com.com/2100-1009-996574.html Also, I'd suggest to check honeynet challenges, ie. http://project.honeynet.org/scans/scan17/ had a case with attack which wasn't detected by IDS or firewall. Best regards, Bojan Zdrnja
Current thread:
- newbie Re: Honeypots: Uses and Features Sydney Grenzebach (Jun 15)
- RE: newbie Re: Honeypots: Uses and Features Bojan Zdrnja (Jun 16)
- Re: newbie Re: Honeypots: Uses and Features dave (Jun 16)