Slashdot Mirror


Microsoft's "Honeymonkey" Project

g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well, Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are set up to crawl the seedier side of the web in search of vulnerabilities not being reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."

4 of 320 comments

  1. how much thought went into this? by ChipMonk · · Score: 5, Insightful

    Two simple questions:

    1. Are these machines using non-Microsoft IP addresses for their 'net access?

    2. If not, how long until the worm authors take that into account?

  2. Re:Sounds stupid by LurkerXXX · · Score: 4, Insightful

    Maybe some of their non-critical patches actually fix an unknown exploitable hole. They might want to change the status of those fixes from optional to critical.

  3. Re:Good idea by st1d · · Score: 5, Insightful

    This is a pretty good idea. If anything, it will help curb the script kiddies indiscriminately flinging exploits around. Unless you want that overflow you found to get patched, pick and choose your targets carefully.


    Not really, as script kiddies, by definition, don't typically discover exploits, they're more thrill seekers looking for an ego trip. When an exploit stops working, they'll just move on to another. When (if?) exploits become hard to find, because true crackers protect them better, the script kiddies will return to their previous pursuits, games and porn.
    --
    Microsoft has just released their much anticipated hands-free cordless mouse. Warning, it may hurt a little at first.
  4. Re:A good idea by penix1 · · Score: 4, Insightful

    From TFA...

    ""Just by visiting a Web site, (if) suddenly an executable is created on your machine outside the Internet Explorer folder, it is an exploit with no false positive -- it's that simple," Yi-Ming Wang, senior researcher with Microsoft Research, said during a presentation at the IEEE Security and Privacy conference in Oakland last week."

    Want this silliness fixed? Kill the ActiveX shit! Microsoft created that mess in the first place trying to dominate Java and like usual instead of going for the cause they go for the symptom.

    B.

    --
    This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.