Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Honeypots: Few questions about sp800-31

Few questions about sp800-31

From: Kuznetsov A.N. <pm_kan_at_mail.ru>
Date: Mon, 27 Nov 2006 16:27:09 +0300

Hi list,
   recently I have read sp800-31(NIST Special Publication on Intrusion Detection
System) and have some questions about it.

On page 28 they wrote about disadvantages of Honey Pots and Padded Cells
 - The legal implications of using such devices are not well defined
What kind of problems with law can any have when using Honey Pot or Padded Cell?
The best thing I can guess that it can be some problems if IDS redirect legal
user to Padded Cell and he get wrong info.
 - An expert attacker, once diverted into a decoy system, may become angry and
launch a more hostile attack against an organization’s systems.
How such sentences can be in official documents? Thinking in such way we should
disable all security mechanisms in order to not make attacker angry.

Sorry for my English^) 

-- 
Best regards,
 Kuznetsov Andrey           pm_kan_at_mail.ru
Received on Nov 27 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos