RealNews

Honeypots Get Stickier for Hackers

If Lance Spitzner has his way, network defenders will get sweeter on the “honeypot”–a traditional method of detecting online intruders. Spitzner and two dozen members of the Honeynet Project hope new changes to the group’s open-source honeypot technology will help the method become much more popular among security companies and others. The technology is designed to help users forge their own honeypots–faked computers and networks that serve as decoys for discovering online miscreants. The changes, to be outlined in a paper that will be published online Monday, were described in a speech Spitzner gave here at the CanSecWest security show. The new features will help honeypots become harder for intruders to detect and easier to deploy for companies and even home users. “It’s an arms race,” said Spitzner, founder of the Honeynet Project. “We are coming up with new stuff, and the bad guys will look at it. We are staying ahead of 99 percent of the crowd.” Honeypots solve a major problem of intrusion-detection systems, which frequently flag innocuous network traffic as a potential attack. These “false positives,” as they’re called, make the systems difficult to manage. They also create a “crying wolf” situation, in which genuine threats can be overlooked. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.