Who has time for honeypots?

Whitedust Security talks honeypots, and all the fun you can have with them. For those just joining, a honeypot is a system put online to entice hackers – once they break in you get to study what they are up to. You can also set up a honeypot in the form of an email box, catching spammers coming to you and reporting them to blacklists.

My first thought is that’s what research groups are for – sys admins generally don’t have time for that stuff

The first Slashdot participant on the matter brought the point home:

“In addition to all of the things on the network I normally have to do at the office let me set up an entire phantom network just to “jack” with hackers. Yeah, I’ll get right on that.”

Like security pros, these folks need a little more respect. So researchers, why don’t you get to work on that?


J.D. Falk says:

As we’ve seen repeatedly at CEAS and the MIT Spam Conference, researchers don’t tend to have access to the full breadth of data necessary to do any research that actually applies to the real world.

That said, I doubt any company wants their sysadmins to set up any data-sharing project without talking to the lawyers first.