Honeypots mailing list archives

Re: RE: Heisenberg in the honeypot

From: Guilhem <guilhem.m () wanadoo fr>
Date: Tue, 22 Jun 2004 12:57:34 +0200 (CEST)

I don't agree with this point. First because some have targets, instead of blind hacks, and may have to try although 
they know there are honeypots. And second, because of several sysadmin i know, who don't know what honeypots are, and 
don't know what's going on on their own networks. When a sysadmin decides to use honeypots, he may decide not to tell 
his fellow co-admins...

Guilhem

True, but scanning and exploiting unpatched systems
doesn't exactly qualify as zero-day.  And my point
isn't knowing that a box is a honeypot or not, but
instead targeting network where I know there are no
honeypots.  For example, if I meet someone online or
in a bar and find out they're a sysadmin, I can get to
know them, chat w/ them, develop an understanding of
their technical abilities...then mention honeypots. 
If they tell me, "yeah, but we don't have any" or
simply don't know what I'm talking about...

Current thread:

Re: Heisenberg in the honeypot, (continued)
- - - Re: Heisenberg in the honeypot James Riden (Jun 22)
    - Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
    - RE: Heisenberg in the honeypot Chuck Fullerton (Jun 22)
    - RE: Heisenberg in the honeypot Harlan Carvey (Jun 22)
    - Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
    - Re: Heisenberg in the honeypot PCSage Information Services (Jun 22)
    - Re: Heisenberg in the honeypot Harlan Carvey (Jun 22)
    - Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
    - Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
    - Re: Heisenberg in the honeypot Valdis . Kletnieks (Jun 22)
- Re: RE: Heisenberg in the honeypot Guilhem (Jun 22)