[Dailydave] Building a better honeypot

Dave Aitel dave at immunityinc.com
Mon Dec 10 16:05:56 EST 2012


I don't normally read Honeynet.org, but when I do...well I have to say
I'm impressed. http://www.honeynet.org/node/1004

Building a better honeypot is a worthy effort - one that may possibly
have a big place in the future of network security insomuch as right now
most people have forgotten the technique even existed. David Dittrich in
the post above goes over point by point the various marketing efforts
Crowdstrike and various parties have been pushing with regards to
"offensive" and takes it apart the ways you would expect.

It's all too easy to focus on the marketing echo chamber with such
things, and lose track of the technology. I have a simple rule for
whether or not some technology being marketing is going to work and it's
this: Do the people involved want to get out after five years? If their
plan is to cash out and move on, they'll either succeed or not, but it
won't make any difference to any hacker anywhere.

In other words, if what you're seeing is success theater, than so be it.
But the cyberwar world, as fast as it changes, is won by people in it
for the long haul.

-dave

-- 
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 266 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20121210/bf656af8/attachment.sig>


More information about the Dailydave mailing list