|
A computer or internet server set up to
lure unsuspecting crackers or script kiddies. Honeypots serve
several purposes, especially as tools for trapping and identifying would-be
intruders into corporate networks. Honeypots typically mimic real computer
systems or networks but contain no useful data or information; instead they
may be populated with good looking but falsified data, or merely be given a
name that makes them attractive to passing criminals. Careful monitoring of
these systems often yields useful information about how intruders choose
targets, how good their cracking skills are and what steps they take to
cover their tracks. Many companies use honeypots to discover potential
weaknesses in their real systems and to help design more secure
alternatives. There have been some notable honeypot successes; in 2000, for
example, a group of Pakistani hackers was identified when it tried to use a
US computer system to attack websites in India.
Increasingly wise to
the ways of their enemy, sophisticated intruders are getting better at
spotting traps and may completely destroy systems that they suspect are
fakes. Meanwhile, some security experts have criticised the honeypot
approach for distracting people from the real business of protecting their
own networks, pointing out that most serious attacks come from inside
organisations rather than from the internet. A new form of honeypot is
evolving around wi-fi technology, designed to identify drive-by
hackers. |
