Re: Honeypot detection and countermeasures
From: Michael Boman (michael.boman_at_securecirt.com)
Date: 06/19/03
- Previous message: tim: "Re: Cross Site Tracing examples?"
- In reply to: Larry Colen: "Re: Honeypot detection and countermeasures"
- Next in thread: Rob Shein: "RE: Honeypot detection and countermeasures"
- Reply: Rob Shein: "RE: Honeypot detection and countermeasures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Larry Colen <lrcrypto@red4est.com> Date: 19 Jun 2003 11:32:12 +0800
On Wed, 2003-06-18 at 10:15, Larry Colen wrote:
> Good point. I was more envisioning a scenario where the client was
> testing the whole security system, including the
> honeypots. I.e. hiring a pen-tester without giving the pen-tester any
> knowldege of the system before hand.
>
> If I seem like a clueless newbie, I hope that I at least seem like a
> polite clueless newbie. I'll crawl back into my hole and lurk a bit
> more.
>
> Larry
>
There is a viable scenario for this. Let's say ACME Inc. wants to do
their own pen-tests because they
- Don't like to pay outsiders to do it
- Want to compete with the company
- They want to steal their tools and techniques
- insert your own paranoid explanation for the "why" bit
They hire a group of people to hack their systems and record everything
so once the exercise is over ACME Inc. now knows the tools and
techniques of that particular pen test group.
It's unlikely, but possible. Haven't happen to me (yet).
Best regards
Michael Boman
-- Michael Boman Security Architect, SecureCiRT Pte Ltd http://www.securecirt.com
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: tim: "Re: Cross Site Tracing examples?"
- In reply to: Larry Colen: "Re: Honeypot detection and countermeasures"
- Next in thread: Rob Shein: "RE: Honeypot detection and countermeasures"
- Reply: Rob Shein: "RE: Honeypot detection and countermeasures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
