Honeypots...and the results...

For those who don't know, honeypots and honeynets are computers or networks set up to trap, monitor, or deflect malicious activity.  A researcher might set up a computer and leave some common vulnerabilities open on it and wait to see who comes knocking.  Once the bad guys finds that the computer is "open" they try different techniques to probe the box and take control of it.   The whole time, the system will track the behavior of the attacker to determine what they do and how...this can lead to some interesting developments learning what the bad guys are up to.

It was apparently a slow news day, but the following web-site:  SANS Internet Storm Center Diary put up a list of all the malicious code that they noted using one of their honeypots.

Neat stuff.


No comments: