Fun Things To Do With Your Honeypot System

An anonymous reader writes "Whitedust is running an interesting article on honeypots and their uses. From the article: 'Most papers deal with the potential gains a honeypot can give you, and the proper way to monitor a honeypot. Not very many of them deal with the honeypots themselves... Honeypots can be used to ensnare and beguile potential hackers; entice them to give you more research information, and actively defend your production network."" From the article: "Once an attacker has taken all the trouble to set up shop on your honeypot, he'll probably want to see what else there is to play with. If your honeypot is like most traditional honeypots, there's not much for an attacker to do once he gets in. What you really want if for the attacker to transfer down all the other toys in his arsenal so you can have a copy as well. Giving an attacker additional targets with various operating systems and services can help him decide to give you his toys. The targets can be real, but you'll get almost as much mileage if they're simulated. A good place to start is to put a phantom private network up hung off the back of the honeypot."

What is Honeypot

[in2mind]

For those who dont know what a honeypot is: [From Wikipedia.]

____________________________________________
Honeypot is literally the term for a container of honey but is used in several different ways, often playing off the image of sweetness being used as a lure:

* A computer system set up as a trap for attackers; see Honeypot (computing)
* Traps designed to catch conventional criminals; see honey trap

Re:And a fun way to get free warze.

I'm surprised a /.'er would recommend VMware, with XEN the clear winner in the honeypot niche. Just check out The Potemkin Honeyfarm for more info... These guys are actually able to deploy an image is less than a second and do all sorts of whacky business to delude hackers into believing they're roaming the internet freely :-)