HONEY POTS
updated 2007 April 02
Prof. WTG Richardson
 
. "Honey Pot" is not a new term, it was a slang expression during the Second World War to describe attractive women used to entrap enemy officers into revealing military information through social and romantic situations. In the late 1990's it became a term also used by people trying to create technical situations that would cause a hacker to focus on one thing, and thereby miss the "target at risk", or , even better, reveal the hackers identity so they could be "dealt with".

The term Honey Pot was first chosen by people who thought of the story of Pooh who stuck his head in a pot to get the last of the honey, and ended up getting trapped.

.
.
Counter
measures

Honey Pots

.Honey Pots defined at www.honeypots.org
Jacco Tünnissen, Editor 

"Honeypots are programs that simulate one or more network services  that you designate on your computer's ports. An attacker assumes  you're running vulnerable services that can be used to break into the  machine. A honeypot can be used to log access attempts to those  ports including the attacker's keystrokes. This could give you  advanced warning of a more concerted attack. " 

Honey Pots are employed in Intrusion Detection Systems (IDS) 

Honeypots.org is a portal that provides links to IT security companies that have services and products to help one use honeypots, and understand the community of Intrusion Detection in IT.

.
A Large Resource on Honeypots

www.honeypot.com  is an "independent website [which] contains almost 800 links to projects, whitepapers, articles, presentations, howto's, and more.
Relax and read all about Intrusion Detection Systems, Honeypots, Honeynets and Incident Handling."
 http://www.honeypots.net/about

honeypots.com also lists this witiger page  www.witiger.com/ecommerce/honeypots.htm
as a resource
http://www.honeypots.net/about
.
Counter
measures

Honey Pots
 
 


 
 

Counter
measures

Honey Pots

Communications & Networking, January 2003, Vol. 6 No. 1 
"Guarding against threats from within"
by Grant Buckler
A careless employee is just as much of a threat as a hacker 
.
"Honey pots can foil hackers"

Some organizations have begun turning to an even more clever security trick. In their demilitarized zones, they set up dummy servers called honey pots, configured to look like  key corporate systems. A honey pot might contain fake customer credit data, for instance.  The idea of this is not that intruders will be fooled permanently. However, says Slodichak, they are likely to be fooled long enough that they will break out their system-cracking tricks to try to get into the dummy systems. By monitoring this activity, corporate security people will  get an advance look at the cracker's arsenal before he or she realizes the deception and moves on in search of the real data.  "The hacker community really hates honey pots," Slodichak says." 

Slodichuk is Tom Slodichak, chief security officer at WhiteHat Inc. a Toronto security consulting and training firm  www.whitehatinc.com 
 

. Feb 6th, 2003, Prof. Richardson spoke by phone with Tom Slodichak, chief security officer at WhiteHat Inc., a Toronto security consulting and training firm quoted in the above piece. Mr. Slodichak confirmed that Honey Pots are one of the best, cost effective countermeasures to deal with hackers.

WTGR

.
.
Honey Pots 
- how they can be used
. It is a bit challenging to find examples of "Honey Pots" being used since they are necessarily a "secret technique" , however one story broke in July 2003 that mentioned how they are being used.

WTGR

 "Credit-Card Hackers Swap Tricks Online"
By Dinah Greek posted online July 28, 2003 
- trapped by Honey Pot
.
Greeks says "  Thieves are using chat rooms to sell stolen credit-card details and advise others how to hack Web sites containing credit information.
The thieves are not getting away with this completely, they are being tracked by Dr. Bill McCarty and his students at Azusa Pacific University who call their project the Honeynet Project.
Greek explains "the Honeynet researchers set up computer systems, called "honeynets" or "honeypots," intended to be easy targets for hackers. The researchers then tracked the hackers to the IRC channels. "

Prof. McCarty's page http://home.apu.edu/~bmccarty/

.
Honey Pots
Ivan K, in BCS555 in Nov 2006 emailed to say "During Monday’s class, you briefly covered the topic of honey pots which made me think about something interesting that is relevant to this topic."

Ivan adds "Several weeks ago, I was watching a TV show called "Blog" with Chris Hansen on Dateline NBC. This show is focused on methods used by the police in order to expose and catch pedophiles. In this show, a police officer pretended to be a 13 year old girl who was using an online chat room looking for men over the age of 18 in order to have sex with them. She would invite the pedophile to her house, where he would be greeted by a young girl who would take him to the backyard and would invite him to help himself with a drink while she goes to put on her bathing suit for the hot tub. As the young girl leaves "to go change" Chris Hansen approaches the man and starts questioning him about his intentions. The police have recorded the entire conversation and Chris quoted the pedophile’s statements in the online chat room. When the pedophile tried to leave, he was confronted by several police officers and arrested at the scene.The link for this web site is:"
http://www.msnbc.msn.com/id/10912603/

There is also a short clip of the episode on this web site.
Sincerely,
Ivan K. 
 

KEY
POINTS
Ivan, good story, thanks for making a note of this - yes, indeed the principle of "attracting bad guys" into a vulnerable place where you can arrest them or control them is something that is happening more and more in a variety of situations.

WTGR

.
.
Honey 
Pots

it is
not 
so
simple
 

Sunny R. in FSM 620 at Seneca in March 2007 sent a well thought out email suggesting that people who use Honey Pots might put the company in a vulnerable situation if they are not careful.

Sunny began his explanation saying

"After reading the section on Honeypots on your website, I decided to research further on this topic. I tried to research errors within Honey pots. This topic is really interesting because many organizations create Honey traps to track hackers. This instrument is widely used in the financial industry where institution develop honeypots which carry fake numbers and records to track the hackers. After researching further on this topic and its loop holes, I found out that Honey pot is very volatile regarding risk factor. When companies create Honeypots they usually tries to mimic the original infrastructure of the company's system, so the hackers wouldn’t be able to detect the entrapment. This is one place where the errors of Honeypots exist. By mimicking the company’s infrastructure system to create the Honeypot, the company is literally allowing the hacker to analyze and read the construction of the system. In many cases of Honeypots, it is not easy to confront the hacker because he/she will be using many worms to hack others. Therefore, it may be not a great idea to use Honey pot to play with hackers. In addition, even after creating the best honey pot trap, who decides the legality of the system"
.
Honey 
Pots

it is
not 
so
simple
 

Sunny posed the following questions.

• Is a honey pot considered entrapment if you want to press charges? 
• Can you really claim “damage” if it’s a fake site that’s broken into? 
• If you build the site with the intention of attracting a break-in, is it actually against the law if someone does just that? 

Sunny concludes
"Therefore, my findings question  what additional benefits do Honeypots serve if the company can’t even press charge against the hackers. In most times the hacker wouldn’t be able to track by the company’s system. Finally, a honeypot is a great decision to safe guard the company’s record, but if it’s not developed properly, then it could back fire towards company’s real system."
 

.
 
witiger.com
  CONTACTIMAIN PAGE I NEWS GALLERY IE-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS  IMKTG&BUSINESS I TEACHING SCHEDULE  IMISTAKES ITEXTS USED IIMAGESIRANKI
.