[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-ids
Subject: RE: Effectiveness of a Honeypot
From: Shawn Guins <indeg () blackcodemail ! com>
Date: 2001-08-30 16:10:04
[Download RAW message or body]
> I think you are right about being criminally liable >but that doesn't mean that you \
> couldn't be held >civilly liable for damages. Actually I think you would be very \
> liable. It will be hard to explain in court >that: 1) Yes I did put this system out \
> there knowing >it was susceptible to attack, 2) I was hoping it would be hacked, 3) \
> it was used as an attack vehicle >on company X but hey don't blame me. If I owned \
> company X, I would blame you for damages >done to me based from your \
> network/honeypot.
> Scot
I don't think honeypot should be view as something that can get you in trouble or \
anything like that:
I agree, there could be criminal and/or civil liability involved if your honeypot was \
comprised and used maliciously against others. There's always the possibility of \
being held liable no matter what type (honeypot, web server, etc.) of box you're \
running. That's part of the game. But looking specifically at honeypots; what \
functional services, if any, should be run on a honeypot? In my opinion at most, the \
only functional service you might run is for remote administration like ssh. If you \
have local access, there shouldn't be any functional services running. Without \
functional services running, the difficulty in comprising the box multiples x10. \
There are always exceptions for everything. I'm not saying that a honeypot can not \
be comprised but I think certain steps can be taken to seriously downgrade or \
possibly eliminate the chance of it being comprised or if comprised, what an attacker \
can actually do with that box.
Shawn
_____________________________________________________________
Free Hosting & Free email---> http://www.blackcode.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic