Feeds

Snouts in the honeypot

Get your Digital Ant Farm here. Only $50K

  • alert
  • submit to reddit

Protecting against web application threats using SSL

[SCENE: A small but elegant office. Vivaldi's "Four Seasons" plays softly in the background. A man in a red power tie sits behind a solid oak desk, gently rubbing the top of a Montblanc pen across his upper lip while peering intently at his computer.
The early afternoon peace is broken by heavy footsteps. A highly agitated man wearing a t-shirt reading "Windows Blows" barges into the office.]

JIM: Hey, Boss!

BOSS: [pained expression] Yes?

JIM: We need to get a honeypot!

BOSS: A what? What do we need a honeywagon for?

JIM: No, not a honeywagon, a honeypot. It's a special computer you put out on the Internet to attract and catch hackers. We make it easy to break in, so we’re sure to get lots of 'em.

BOSS: I'm not sure I understand. Why would we want to attract more hackers than we’ve already got? I thought we were trying to discourage them.

JIM: That’s the nice thing about the honeypot. The hackers go there and sort of rummage around. Then we watch ’em! [cackle] We’ll see everything they do.

BOSS: Don’t we know what hackers do already? They’re trying to break into our e-commerce server, put their girlfriend’s naked picture on our home page, and steal our customers’ credit card numbers. Besides, we get that monthly newsletter with all the details on what the third world hackers are planning. You know, from that group staffed by all the ex-government spooks? I know what they are up to.

Besides, we just renewed our half million dollar contract with IncredibleDEF, and I get an exclusive daily update on the status of all the third world hackers. They just told me that a gang of Indian cyberpunks is working together to deface Pakistani web servers. Who knew? Great material for our risk reports.

JIM: Yeah, that’s cool stuff, but if we had a honeypot, we wouldn’t just read about the hackers. We could see ’em ourselves, sorta like a digital ant farm. We can learn just how they work. When we know what vulnerabilities they take advantage of, then we’ll know what to fix on our servers.

BOSS: Wouldn’t it be cheaper and easier to buy a book?

JIM: Well, yeah ... but then one of us would have to read it ...

BOSS: Good point. But I'm still not convinced. I don't want to be the first one to get one of these honeymucker things. IncredibleDEF says this gang of teenagers from Trinidad have been performing denial of service attacks using calypso music. What if the hackers use our honeypot to launch an attack into someone else’s system? I can see the headlines now, “Steel drum attack traced to Acronomia Inc. server. CSO claims it was a hijacked honeydew.”

JIM: Can’t happen. Besides, Threelettria Corp. has had one for six months, and their CSO just got his picture in Wired. (The Boss silently mouths a ‘wow!’) I was just talking to a consultant from Friday, and he said that honeypots are best practice now. All the leading firms have one. (pause) You know, I’m worried that we might be losing our competitive edge ... (raises eyebrows)

BOSS: OK, it's starting to make sense to me now. Can you talk to Friday about doing a feasibility study for us?

JIM: I already did. They said that planning the development, implementation and operation of a honeypot was one of their core competencies, so they’ll be able to do it for only $50K.

BOSS: Hey, that’s reasonable. And once I’ve spent $50,000 on a complete plan, I won’t have any trouble justifying the hardware, software, and staff. I’ll do the deal with Friday on the golf course tomorrow. Good save, Jim. Thanks. Oh, and can you have someone from Marketing Communications come up? I want to talk to them about a press release. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.