Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
Re: [suse-security] Crackers Trap tool/project
  • From: jfweber@xxxxxxxxxxxxx
  • Date: Wed, 3 Dec 2003 14:30:57 -0500
  • Message-id: <200312031430.57497.jfweber@xxxxxxxxxxxxx>
On Wednesday 03 December 2003 10:02 am, Matthias Riese wrote:

<snip>
> There are multiple projects all called "honeypots", listed here:
>
> http://www.tracking-hackers.com/papers/honeypots.html
>
> However these projects take the above idea much further.
> Instead of blocking the attacks, they let the attacker
> in into a secured environment where the attack can be logged
> and later analyzed without putting security at stake.
<snip>

One word about "Honeypots", before you put one into use , make certain
your country doesn't have laws against this sort of thing. Here It's
called something like affecting some other person's computer w/o their
permission. Apparently it's okay if you just log and let go. But many
honeypots are in the nature of a "tarpit" ( named for the La Brea
Tarpits in So. Calif. ) For instance actually try to hold the attacker
until their computer crashes! It's a really gray area in the law right
now. So if you don't want to be the first to test these laws ... make
sure your country doesn't mind your capturing a hacker that is ,
actually invading your home or business.. I suspect it would be
overturned eventually, but it's tricky till then...


< Previous Next >