| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Fighting Spammers With Honeypots: Part 2 Most of the time, a spammer connecting to the open proxy server will try to send an initial email in order to check how the proxy is working. This moment can be crucial if you want to fool him properly.
02/18/2004
|
|
Fighting Spammers With Honeypots: Part 1 This paper will evaluate the usefulness of using honeypots to fight spammers. The first part of the article will explain some background information on spam. Then, we will try to understand how honeypots may detect, slow and stop such activities while promoting a clean Internet. Finally we will conclude with some future perspectives.
02/18/2004
|
|
Dynamic Honeypots For the past eight months we have been discussing what honeypots are, their value, their different types, and how they can be used and deployed. Today we will do something a little different. Instead of discussing what honeypots can do and how they work, we will take a look into the crystal ball and see what honeypots should do, how they could work. If I had a dream honeypot, this is what I would like to see in the future: the dynamic honeypot.
02/18/2004
|
|
Definitions and Value of Honeypots Honeypots are an exciting new technology with enormous potential for the security community. The concepts were first introduced by several icons in computer security, specifically Cliff Stoll in the book The Cuckoo's Egg", and Bill Cheswick's paper " An Evening with Berferd." Since then, honeypots have continued to evolve, developing into the powerful security tools they are today. The purpose of this paper is to explain exactly what honeypots are, their advantages and disadvatages, and their value to the security.
02/18/2004
|
|
An Evening with Berferd On 7 January 1991 a cracker, believing he had discovered the famous sendmail DEBUG hole in our Internet gateway machine, attempted to obtain a copy of our password file. I sent him one. For several months we led this cracker on a merry chase in order to trace his location and learn his techniques. This paper is a chronicle of the cracker’s “successes” and disappointments, the bait and traps used to lure and detect him, and the chroot “Jail” we built to watch his activities. We concluded that our cracker had a lot of time and persistence, and a good list of security holes to use once he obtained a login on a machine. With these holes he could often subvert the uucp and bin accounts in short order, and then root. Our cracker was interested in military targets and new machines to help launder his connections.
02/18/2004
|
|
Page: 12345 6 |
