Home page logo

dailydave logo Dailydave mailing list archives

Building a better honeypot
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 10 Dec 2012 16:05:56 -0500

I don't normally read Honeynet.org, but when I do...well I have to say
I'm impressed. http://www.honeynet.org/node/1004

Building a better honeypot is a worthy effort - one that may possibly
have a big place in the future of network security insomuch as right now
most people have forgotten the technique even existed. David Dittrich in
the post above goes over point by point the various marketing efforts
Crowdstrike and various parties have been pushing with regards to
"offensive" and takes it apart the ways you would expect.

It's all too easy to focus on the marketing echo chamber with such
things, and lose track of the technology. I have a simple rule for
whether or not some technology being marketing is going to work and it's
this: Do the people involved want to get out after five years? If their
plan is to cash out and move on, they'll either succeed or not, but it
won't make any difference to any hacker anywhere.

In other words, if what you're seeing is success theater, than so be it.
But the cyberwar world, as fast as it changes, is won by people in it
for the long haul.


INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach

Attachment: signature.asc
Description: OpenPGP digital signature

Dailydave mailing list
Dailydave () lists immunityinc com

  By Date           By Thread  

Current thread:
  • Building a better honeypot Dave Aitel (Dec 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]