|
Penetration Testing
mailing list archives
Re: [PEN-TEST] Recourse Technologies -- info wanted
From: Andrew Lawton <ALawton () INFOSYSINC COM>
Date: Wed, 4 Oct 2000 08:43:05 -0400
I hope this isn't too off topic.
Lance Spitzner has some excellent whitepapers that show effective use of a
honey pot.
He's at: http://www.enteract.com/~lspitz/pubs.html
There's a lot more scanning going on now, and I think the issue would be
having a system that a script kiddie would consider "interesting".
Personally, as far as Recourse Tech et al. I would be leery of marketing
info for reasons mentioned below. You want to talk to the techs doing the
work, I would guess.
'drew
-----Original Message-----
From: Ben Rothke [mailto:brothke () EBNETWORKS COM]
Sent: Tuesday, October 03, 2000 5:08 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Recourse Technologies -- info wanted
On the subject of Honey Pots, Steve Bellovin told me that the only real use
for a honey pot is to test how effective your firewall is. More than that,
forget it.
As to capturing hackers (which many of the Honey Pot say their products do),
it sounds romantic, but you have to remember that when Cliff Stoll or Bill
Cheswick with Berferd, they had a lot of time. And in the end Berferd was
never apprehended. Cheswick concludes 'Though the Jail was an interesting
and educational exercise, it was not worth the effort.'
Ben
 By Date 
By Thread
Current thread:
- Re: [PEN-TEST] Recourse Technologies -- info wanted, (continued)
|
Intro
