Honeypots mailing list archives
Re: RE: Heisenberg in the honeypot
From: Guilhem <guilhem.m () wanadoo fr>
Date: Tue, 22 Jun 2004 12:57:34 +0200 (CEST)
I don't agree with this point. First because some have targets, instead of blind hacks, and may have to try although they know there are honeypots. And second, because of several sysadmin i know, who don't know what honeypots are, and don't know what's going on on their own networks. When a sysadmin decides to use honeypots, he may decide not to tell his fellow co-admins... Guilhem
True, but scanning and exploiting unpatched systems doesn't exactly qualify as zero-day. And my point isn't knowing that a box is a honeypot or not, but instead targeting network where I know there are no honeypots. For example, if I meet someone online or in a bar and find out they're a sysadmin, I can get to know them, chat w/ them, develop an understanding of their technical abilities...then mention honeypots. If they tell me, "yeah, but we don't have any" or simply don't know what I'm talking about...
Current thread:
- Re: Heisenberg in the honeypot, (continued)
- Re: Heisenberg in the honeypot James Riden (Jun 22)
- Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- RE: Heisenberg in the honeypot Chuck Fullerton (Jun 22)
- RE: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
- Re: Heisenberg in the honeypot PCSage Information Services (Jun 22)
- Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
- Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)