To Trap A Thief

Mathew Schwartz   Today’s Top Stories   or  Other LAN/WAN Stories  

Migrating to Vista Sea Change Investment Fund Talks About Google Apps Eric Schmidt and Douglas Merrill talk about Google Apps Case Study: Golder Associates How to Optimize Your Capture Workflow American Jewish Historical Society Makes Documents More Accessible Computerworld Executive Briefing: Automating Network Management Virtual Reality SaaS Solutions for Remote Systems Management Sign up to receive LAN/WAN Resource Alerts

April 2, 2001 (Computerworld) -- If you want to break into a house, why spend time prying open the front door if the back door is wide open? Same goes when breaking into computer networks. Most networks and servers are set up with configuration errors that are well known to hackers, who can download free tools that will scan many different networks looking for those easy-open entry points. No genius-level code manipulation or high IQ is needed.

Honeypots Core Elements Looks and behaves as if real Doesn't disclose its existence at any point Is partially disabled so hackers can't still take it over Has a dedicated firewall that prevents all outbound traffic, in case honeypot is compromised Lives in a network DMZ, untouched by normal traffic Sounds silent alarms when any traffic goes to or from it Begins logging all intruder activity when it first senses intrusion

Things get interesting, however, when a security administrator purposely leaves a back door open but hides a tripwire behind it. Now the security person knows when an intruder trips the wire and, with luck, the perpetrator can be caught or scared away before causing any damage.

That's the theory behind "honeypots," which are servers and network equipment designed to attract hackers into secure lockboxes rather than let them hack at the network proper. When criminals move in to exploit security flaws in a honeypot, silent alarms go off and network managers can block the intrusion, begin amassing evidence for use in court or even launch a counterattack.

There are two types of honeypots. Hardware-based honeypots are servers, switches or routers that have been partially disabled and made attractive with commonly known misconfigurations. They sit on the internal network, serving no purpose but to look real to outsiders. The operating system of each box, however, has been subtly disabled with tweaks that prevent hackers from really taking it over or using it to launch new attacks on other servers. A honeypot is easy enough to build, but if an experienced cracker succeeds in compromising it, he could use it to launch other attacks.A safer option might be to create an entire network of honeypots, such as the HoneyNet Project. Lance Spitzner, a security consultant at Sun Microsystems Inc. in Chicago, runs the project with 30 other security professionals.

"We call it a 'honeynet' because it's not a single system," he says. It's actually a network of honeypots, full of real hardware, including Cisco switches and Windows NT, Linux and Solaris boxes, all partially disabled. Spitzner's goal is to learn from hacker attacks and share the information on the Web.

Continued...
1 | 2 | 3 | 4 | NEXT  

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"Mozilla has done a great job with Firefox, but its e-mail client, Thunderbird, is going nowhere fast...." Read more... "Steve Ballmer wants you to root for the little guy and underdog: Microsoft. In an interview with the BBC, he..." Read more... Read more Networking posts or See all Blogs

IBM launches Bluehouse, a Facebook for business iPhone grabs top smart phone spot Oracle tries to step up on high-end databases More top stories...

Microsoft scales out SQL Server 2008, wants to 'democratize BI' Virtual Headaches Filters on in-flight Wi-Fi may be just the start

Health hazards for IT workers -- how that desk job wears your body down Too much junk food, too little exercise and a 24/7 tether to technology? Your body ain't happy, friend. Let us count the pains. NASA robot sends back evidence it's snowing on Mars Instruments on the surface of Mars have detected falling snow that is likely evaporating before it reaches the planet. Wall Street's collapse may be computer science's gain One positive development stemming from the collapse of Wall Street may be a boost in interest in computer science and IT careers among students who were previously interested in financial services jobs. Installing Linux apps: A few good tips Getting new software installed on Linux doesn't have to be hard, but it can differ depending on what you're installing. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland Security Apple's iPhone Ask a Premier 100 IT Leader Bill Gates steps down BlackBerry Legal Battle Data Security Breaches Electronic Voting Firefox H-1B Visas HP's Boardroom Scandal Handheld Devices Hurricane Katrina Aftermath Microsoft Legal Issues Microsoft's Vista Open Source RFID Technology SCO's Linux Fight Sarbanes-Oxley Act Spam Voice Over IP Wi-Fi Windows Meta File Vulnerability Windows XP Service Pack 3 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class 2006 Computerworld Horizon Awards 2006 Premier 100 IT Leaders 2006 Salary Survey 2007 Best Places to Work in IT 2007 IT Forecast 2007 Premier 100 IT Leaders 40 Years of Computerworld ASPs, Take Two Best Places to Work in IT 2003 Best Places to Work in IT 2004 Best Places to Work in IT 2005 Best Places to Work in IT 2006 Business Intelligence Home Runs Business Intelligence: Smarter BI Business Intelligence: The Future of BI CRM Goes Vertical CRM: Sober CRM Career Planning Guide 2005 Careers: IT Profession 2010 Computerworld Horizon Awards 2005 Data Management: Mining for Gems Data Management: Taming Data Chaos Development: Hard-Workin' Web Sites Development: New Tools New Choices Development: The New World of Application Development Development: The Web Services Tsunami Development: Web Services Hurdles Disaster Recovery: Preparing for the Worst E-commerce Grows Up E-mail/Groupware: Big Decisions Faces of Mobile IT Forecast 2006 Global Mobile Hardware: Multiple Cores, Multiple Challenges Hardware: On-Demand Un-Hyped Hardware: The Shape of Things to Come Horizon Awards: 10 Cool Cutting Edge Technologies IT Management: Guide to Managing Vendors IT Management: Navigating Global IT IT Management: Recovery Ahead IT Management: The Future of IT IT Management: The Resourceful Project Manager Innovative Technology Awards 2004 Management: Reinventing IT Microsoft in Transition Mobile/Wireless Leaders and Laggards Mobile/Wireless: The Untethered Worker Mobile/Wireless: Tiny Gadgets, Huge Costs Network Management: Taking Control Networking: Turbulence Ahead! Networking: VoIP Goes Mainstream Operating Systems: In the Slow Lane Operating Systems: Linux Goes Global Operating Systems: Should You Nix Unix? Outsourcing: Offshore Buyer's Guide Outsourcing: Outsourcing Dangers Premier 100 IT Leaders 2004 Best in Class Premier 100 IT Leaders 2005 Best in Class ROI: Do the Math! Salary Survey 2003 Salary Survey 2004 Salary Survey 2005 Security Action Plan Security: Compliance Headaches Security: Proactive Security Security: Risk and Reward Security: Tips From Security Pros Souped-up Security Storage: Battling Complexity Storage: Cheap & Secure Data Stores Storage: Stretching Your Storage Dollars Storage: The Lean Storage Machine Storage: The New Rules of Storage Storage: The Ultimate Backup Guide Supply Chain: Missing Links Supply Chain: RFID Reality Check The Business of Security Web 2.0 Security Wireless: Wireless At Work All Zones Application Performance Zone Business Continuity Zone The File Data Management Zone Security Management Zone The SAS Zone Business Intelligence and Analytics Zone Windows Protection Zone The Enterprise Search Zone Software as a Service Zone See your link here

The Impact of Social Networks on Mobility Strategies The Impact of Social Networks on Mobility Strategies Download this webcast, free, compliments of RIM. Go to the webcast  Computerworld Executive Briefing: Automating Network Management Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP. (Source: Computerworld) This briefing looks at the basics of network management, which tend to get lost in the dizzying array of products and processes. It also examines new tools that are on the way to help IT executives deal with management in the new era of automation.Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP. Download this executive briefing  Five Technologies Simplifying Infrastructure Management Get this white paper now! (Source: Liebert) Today's data centers must support more devices, are consuming more power and generating more heat. Learn five infrastructure technologies that are making it easier for growing businesses to introduce new IT systems as needed while maintaining high levels of availability. Download this white paper  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Project Portfolio Management - Boost the value of IT Core Network Services Survey: The Costs and Impacts of DNS and IP Address Management Six Project Metrics Every CIO Should Know for Application Delivery Success View more whitepapers

• IBM launches Bluehouse, a Facebook for business
• Microsoft scales out SQL Server 2008, wants to 'democratize BI'
• iPhone grabs top smart phone spot
• More top stories 

• Google scrubs search cache of Chrome download site

• Google's Chrome aims to kill Windows, make Web the OS of choice

• Google Chrome browser: Dethroning Microsoft or killing off Mozilla?

Read more news 

• Whoah the humanity!

• Try, try again

Read more Shark Bait 

Accelerate your pursuit of perfection For almost 80 years, Kodak has been helping banks, insurance companies, healthcare providers, government agencies and other businesses produce billions of document images. So Kodak is uniquely positioned to know and deliver–what customers want: easy-to-use scanners that output the best possible image quality. Download this white paper now!