Honeypots mailing list archives
RE: Heisenberg in the honeypot
From: Harlan Carvey <keydet89 () yahoo com>
Date: Mon, 21 Jun 2004 09:18:03 -0700 (PDT)
Chuck, Thanks for the response...
This principle is flawed. If you apply this principle to a different subject as well, let say, police sting operations, Then this would become a valid defense effectivly making All Sting operations Illegal.
Interesting. Are you saying that the HUP is flawed, or the application I'm proposing is flawed? Either way, I think what you've brought up is a very good analogy...people do bad stuff, knowing that there are things such as sting operations. However, that's not quite what I'm asking...what I'm asking is if anyone out there believes that simply b/c honeypots are known to exist, are *new* exploits and techniques being withheld from large scale use. With police sting operations, there are no new techniques they are countering...the operations are set up around well-known actions/habits of individuals and groups.
The point of a Honeypot is that you make it look as real as possible. That way the Cracker doesn't know its a honeypot. The more we have out here on the Internet the safer everyone will be because there is a greater chance of them getting caught.
I agree, to a point. Let's say I have a lab, and I've discovered something entirely new...not based on brute force or password cracking or anything like that, but entirely new. If I had nefarious intentions, I would most likely test it in a lab, and then test it against other systems in a controlled manner. I might even refine that technique in the lab. If I were then to release it outside of the lab, say, use it to gain access to networks other than my own, I wouldn't release it as part of a worm...I would target specific infrastructures where the value of the information exceeded the level of effort I had to expend. I would also target only those systems that I knew were managed in a less-than-secure nature...and didn't have honeypots.
Current thread:
- Re: Heisenberg in the honeypot, (continued)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 21)
- Re: Heisenberg in the honeypot Ranjeet Shetye (Jun 21)
- Re: Heisenberg in the honeypot MrDemeanour (Jun 21)
- Re: Heisenberg in the honeypot Christian Kreibich (Jun 21)
- Re: Heisenberg in the honeypot Robert Judy (Jun 21)
- Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
- Minefields Lance Spitzner (Jun 22)
- Re: Minefields MrDemeanour (Jun 23)
- Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- RE: Heisenberg in the honeypot Harlan Carvey (Jun 21)
- RE: Heisenberg in the honeypot Chuck Fullerton (Jun 21)
- RE: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- Re: Heisenberg in the honeypot James Riden (Jun 22)
- Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- RE: Heisenberg in the honeypot Chuck Fullerton (Jun 22)
- RE: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)