Honeypots mailing list archives

RE: how tight should a honeypot be configured?

From: "Stejerean, Cosmin" <cstejere () cti depaul edu>
Date: Wed, 8 Jun 2005 12:28:44 -0500

It really depends on what you want to use the honeypot for. If it is
completely open and vulnerable you will probably detect a lot of
"script-kiddy" attacks, worms and other things that attack the "easy kill"
targets. 

If your honeypot is really hardened you will make it hard for someone with a
low level of skill to compromise it because in most cases they will simply
move on to something easier. At the same time you are not likely to see
attacks from really skilled hackers unless you can make it seem that the
honeypot is a valuable target. 


Cosmin


-----Original Message-----
From: Carlos Ousinos [mailto:cousinos () ti parmapatas net] 
Sent: Wednesday, June 08, 2005 6:00 AM
To: honeypots () securityfocus com
Subject: how tight should a honeypot be configured?

Hi,

I was wondering, what's your opinion on how securely a honeypot should 
be configured?  Should it be really hardened or completely open and 
vulnerable?

Carlos.

Attachment: smime.p7s
Description:

Current thread:

how tight should a honeypot be configured? Carlos Ousinos (Jun 08)
- Re: how tight should a honeypot be configured? Valdis . Kletnieks (Jun 08)
- <Possible follow-ups>
- RE: how tight should a honeypot be configured? Stejerean, Cosmin (Jun 08)
- Re: how tight should a honeypot be configured? Earl Sammons (Jun 08)