Information Security News mailing list archives

Re: Honeypots: Bait for the Cracker


From: InfoSec News <isn () C4I ORG>
Date: Fri, 9 Mar 2001 00:38:46 -0600

Forwarded by: Aj Effin Reznor <aj () reznor com>

"InfoSec News was known to say....."

http://www.wired.com/news/culture/0,1284,42233,00.html

(figures)

Shah said the team has learned about the tools that attackers use.
But perhaps more importantly, they have also learned about
crackers' motives for attacking systems: Many don't crack a system
because they want to access information, they crack it simply
because they can.

*Groan*.  I don't disagree, or agree really, with the honeypot/net
projects, but is this the statement to make?  Manhours, resources, and
the Grammy goes to..... Something Everyone Has Known For A Decade!

Geez...

-aj.



Date: Thu, 8 Mar 2001 09:35:34 -0600
From: JD Runyan <Jason.Lists () DMS NWCG Gov>
To: InfoSec News <isn () C4I ORG>
Subject: Re: [ISN] Honeypots: Bait for the Cracker


Give me a break on the wiretapping.  These crackers have broken the
law. You can monitor your employees' computer use, and phone use on
your equipment.  These conversations are not private by virtue that
they are stealing the resources to conduct them.

Since most crackers quickly set up private Internet Relay Chat
proxy servers on any system they can access, honeynet or honeypot
observers are often able to capture logs of the crackers'
conversations.

The ability to monitor private conversations is one of the reasons
that some have ethical problems with honeynet.

One of the original honeynet team members, J.D. Glaser, director
of engineering at security firm Foundstone, recently resigned from
the project. He hopes it won't continue to grow.

Glaser said that he has become increasingly convinced that
electronic wiretapping is wrong, even when it's used for research.



Date: Thu, 08 Mar 2001 15:50:56 -0500
From: Meritt James <meritt_james () bah com>
To: InfoSec News <isn () C4I ORG>
Subject: Re: [ISN] Honeypots: Bait for the Cracker

"Entrapment" is a legal concept.  While a law enforcement officer can
do such a thing (or direct it being done), a private operator cannot.


Adams also feels that honeypots and honeynets come close to
entrapment.

"It's like opening a fake store, loading it with cool stuff, and
sitting back hoping someone will break into it," he said.

But since entrapment involves coercing someone to commit a crime
they would not otherwise have committed, attorney Jason Wilson
said that the typical honeynet or honeypot would not be considered
entrapment under United States law.


--
James W. Meritt, CISSP, CISA
Booz*Allen & Hamilton
phone: (410) 684-6566

ISN is hosted by SecurityFocus.com