Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsofts "Honeymonkey" Project

Posted by samzenpus on from the how-could-this-go-wrong dept.

g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are setup to crawl the seedier side of the web in search of vulnerabilities not bieng reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."

2 of 320 comments (clear)

  1. how much thought went into this? by ChipMonk · · Score: 5, Insightful

    Two simple questions:

    1. Are these machines using non-Microsoft IP addresses for their 'net access?

    2. If not, how long until the worm authors take that into account?

  2. Re:Good idea by st1d · · Score: 5, Insightful
    This is a pretty good idea. If anything, it will help curb the script kiddies indesciminantly flinging exploits around. Unless you want that overflow you found to get patched, pick and choose your targets carefully.


    Not really, as script kiddies, by definition, don't typically discover exploits, they're more thrill seekers looking for an ego trip. When an exploit stops working, they'll just move on to another. When (if?) exploits become hard to find, because true crackers protect them better, the script kiddies will return to their previous pursuits, games and porn.
    --
    Microsoft has just released their much anticipated hands-free cordless mouse. Warning, it may hurt a little at first.