|
Honeypots
mailing list archives
Honeynet Alliance Charter Question
From: Adam Carlson <ajcarlson () ucdavis edu>
Date: Tue, 15 Mar 2005 12:43:00 -0800
Greetings all,
I was wondering if someone could explain to me the meaning and
purpose of the honeynet alliance requirement 4.8 involving data capture.
From this page:
http://www.honeynet.org/alliance/charter.txt
"4.8 Organizations that deploy honeynets and related technologies for
data capture must use passive means. No active means of data
capture are acceptable under the Alliance. "
What types of activity would be considered "passive" data capture as
opposed to "active". I see how tcpdump would be considered passive,
while something like nmap would be considered active, but is there a
more formal definition/description that could be used to help classify
data capture methods when they aren't so obvious? Having a better
understanding of the intent of this requirement might help me understand
how to interpret it as well. Please let me know any thoughts you might
have.
Thank you for any assistance, -Adam
--
Clatto Verata Nicto
 By Date 
By Thread
Current thread:
- Honeynet Alliance Charter Question Adam Carlson (Mar 15)
|
Intro
