Educause Security Discussion
mailing list archives
Re: Honeypot policy
From: "Shamblin, Quinn" <qrs () BU EDU>
Date: Mon, 20 Jan 2014 19:22:06 +0000
We designed our policies so that things like this are not actually prohibited, but they are prohibited unless reviewed
and approved by information security.
So it gives us the chance to make sure that putting a tool like this in place does not provide a security hole which
could lead to bigger problems
On Jan 19, 2014, at 7:54 PM, "John C. A. Bambenek, GCIH, CISSP" <bambenek.infosec () GMAIL COM> wrote:
I am grappling with security policy concerns with having honeypots on a campus network (DMZ). This is for research and
a security class. Do you allow these on your campus networks or require them on external provider/ISPs? If on campus,
how did you deal with the policy issues?