Honeypots mailing list archives

RE: newbie Re: Honeypots: Uses and Features

From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Mon, 16 Jun 2003 08:46:25 +1200

-----Original Message-----
From: Sydney Grenzebach [mailto:sydney () sydcom de] 
Sent: Sunday, 15 June 2003 6:01 p.m.
To: honeypots () securityfocus com
Subject: newbie Re: Honeypots: Uses and Features

Hi All,
I have a question to the thread, whilst reading the comments 
I was wondering 
if anyone had seen the Honeypots being used to detect an 
attack which was 
previously unknown.


A lot of pretty famous security companies actively use honeypots to get
information about actual and possibly new attack patterns.

Probably the best example is Digital Defense's honeypot which, back in
april, detected a previously unknown attack on samba.
You can find more info about this case at the following URL:

http://news.com.com/2100-1009-996574.html


Also, I'd suggest to check honeynet challenges, ie.
http://project.honeynet.org/scans/scan17/ had a case with attack which
wasn't detected by IDS or firewall.

Best regards,

Bojan Zdrnja

Current thread:

newbie Re: Honeypots: Uses and Features Sydney Grenzebach (Jun 15)
- RE: newbie Re: Honeypots: Uses and Features Bojan Zdrnja (Jun 16)
- Re: newbie Re: Honeypots: Uses and Features dave (Jun 16)