Slashdot Mirror


Stats from a Network Surveillance System

LogError writes "Sombria ("shadowy" in Portuguese) is a honeypot system set up in Tokyo, Japan, that is intended for network surveillance and research and not for production purposes. This paper provides some statistics and an overview of the most prominent attacks from May through July 2003."

2 of 12 comments

  1. Re:summary of some of the more interesting parts.. by 4of12 · Score: 4, Insightful

    Sure wish there was more economic incentive for Poland, Romania, and Brazil not to crack systems, but to help build out and defend networks instead.

    The problem is that putting up a compromisable host on the Internet is relatively easy and the costs of the compromised system are not borne entirely by the owner of the system, but are shared by everyone else on the network that might become a victim of a DDoS, congestion, spam, etc.

    I really only see a couple of ways of dealing with this.

    One, have a central authority scan for vulnerabilities and have the authority to fine and/or shut down net access for systems that endanger network health.

    Two, institute distributed white hat scans that either shut down the host or install patches forcibly after some time.

    It makes sense to require anyone using a common resource like the Internet to agree to responsible behavior and accept punishment for irresponsible behavior, such as running vulnerable systems. Just like food service workers that get tested for communicable diseases or drivers that require licenses, the commons of the Internet should also be protected.

    --
    "Provided by the management for your protection."
  2. Re:summary of some of the more interesting parts.. by WTFmonkey · Score: 4, Insightful

    Yowza. Doesn't that last paragraph sorta defeat the purpose of the internet? I kind of see it like a computing Darwinism (not that this is ideal, but this is how it looks to me). That is, if you want to put your content on the internet, you should either a) know how to secure it, b) pay someone (i.e., a reputable hosting company) who knows how, or c) be prepared to get shafted.

    There's also the age-old question of logistics. How do you require anything of anybody living in a foreign country whose government couldn't care less about some faceless citizen sending out viruses faster than a two-dollar hooker, or who leaves his SMTP server open? We'll need a "world government" before we can approach that one. And that might be a long time coming. The kind of control you're talking about seems to be way too centralized to me (yes, I know that's your point).

    Of course there's always vigilante action. Who's with me in forming a coalition of superheroes who travel the globe, righting wrongs and avenging bad computing practices? ARRR!