Gas Stations In the Bullseye

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

SgS125,
User Rank: Ninja
7/1/2015 | 9:58:39 AM

Invaluable information gained by honeypot intel

You can't really put a value to the information gained by knowing what your adversary is looking at, trying to find, or simply what tools are used against infrastructures. It seesm silly that you would not want this intel.

It's not a bear you are coaxing in, its a small blind rodent who scampers around hiding from the light. Honeypots allow us to gather the information needed to deter the next infestation of vermin.

If we all worked together and shared the intel from honeypots our defenses would have a power multiplier many times greater than the damm hidden zero day expoloits used to further the ill will of many unknown players.

So shine some light and watch the rats scatter, you won't find a bear among them.

Reply | Post Message | Messages List | Start a Board

50%

Joe Stanganelli,
User Rank: Ninja
6/30/2015 | 10:56:16 PM

Legion

Reminds me of the time I was walking down the street and I saw "We are legion" scrawled in chalk on the sidewalk.

Not as many style points for that one. ;)

Reply | Post Message | Messages List | Start a Board

50%

Joe Stanganelli,
User Rank: Ninja
6/30/2015 | 10:51:49 PM

Re: Poking the Bear

They're useful for their purposes, but good point that honeypots can create more risk.

Of course, if you can use the honeypot to then track the attacker down for swift justice -- effectively killing the bear, stuffing it, and displaying it at your home -- you potentially deter other bears.

Reply | Post Message | Messages List | Start a Board

50%

RyanSepe,
User Rank: Ninja
6/30/2015 | 10:53:22 AM

Re: Poking the Bear

I'm sure it is. Like everything it has its benefits as well as its detriments. There are multiple ideologies on this subject and can't say that any is more right than the other. It was just my opinion that bating criminals isn't always the best practice.

Reply | Post Message | Messages List | Start a Board

50%

Kelly Jackson Higgins,
User Rank: Strategist
6/30/2015 | 10:41:59 AM

Re: Poking the Bear

A honeypot is very useful as long as you know what you are doing.

Reply | Post Message | Messages List | Start a Board

50%

RyanSepe,
User Rank: Ninja
6/30/2015 | 10:00:39 AM

Poking the Bear

I understand the utilization of honeypots and honeynets however I'm can't say I'm an advocate. It's like seeing a bear and instead of trying to scare it away with loud noises you lure it with honey into your basement to avoid it being in the main levels of your house or yard. Most likely you'll aggravate the bear/malicious intender and you run a higher risk of them messing up your house/network or worse.

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Dark Reading Virtual Event - November 17 - Learn More

Black Hat Europe 2021 - November 8-11 - Learn More

@Hack - November 28-30, 2021 Saudi Arabia - Learn More

More Informa Tech Live Events

White Papers

The State of Cloud

Zero Trust and the Power of Isolation for Threat Prevention

Digital Transformation and Data Security

The Transition to Empowered Enterprise Authentication

The 7 Deadly Sins of Access Control, and How to Avoid Them

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Enterprise Cybersecurity Plans in a Post-Pandemic World

Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-40108
PUBLISHED: 2021-09-27

An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint.

CVE-2021-40109
PUBLISHED: 2021-09-27

A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents of...

CVE-2021-23243
PUBLISHED: 2021-09-27

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.

CVE-2021-3799
PUBLISHED: 2021-09-27

grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames

CVE-2021-3818
PUBLISHED: 2021-09-27

grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]