Honeypots: RE: honeytokens

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

RE: honeytokens

From: "Aditya Deshmukh" <aditya.deshmukh () online gateway strangled net>
Date: Thu, 12 May 2005 22:24:08 +0530

1.What are he key challenges involving honeytokens?


Keeping track of the honey tokens and then collecting them at the attack
stage
For example I create a username / password that is setup in a partially
hidden from the outside world and someone captures it.

That username try's to login to the net from someplace - unless I have the
IDS + Central Auth + some other infrastructure I cannot detect this in real
time.

2.Why has it not been implemented on a large basis?


Because of too much attention is to required to be paid for something that
might never show up in the network / other social engg hacks ...


-aditya



________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

By Date By Thread

Current thread:

honeytokens Vijayakumar (May 06)
- Re: honeytokens Valdis . Kletnieks (May 06)
- Re: honeytokens victor calzado (May 08)
- RE: honeytokens Aditya Deshmukh (May 12)
- <Possible follow-ups>
- RE: honeytokens Stejerean, Cosmin (May 06)