[TriLUG] Honeypots attract flies
Andrew C. Oliver
acoliver at apache.org
Mon Jul 15 10:13:37 EDT 2002
>
>
>People have long debated the legalities of Honeypots. However, imagine
>how screwed you would be if a system you -knowingly- set up to be
>compromised was used to attack a corporation, a .gov, or worse, a .mil.
>They will not be happy with you, and have every right to not be happy.
>Better still, go on and set up a Honeypot on your corporate net without
>permission from higher ups. Then, let it be compromised and used to
>attack the rest of your network, possibly even to the point of having
>sensetive data copied. How long will your job last?
>
>
IANAL, but I do watch Law and Order a lot :-D, and it seems to me that
that would fit the legal definition of
negligence. Furthermore, it might even be criminal negligence if they
can prove you knew it would happen I suppose.
>
>
>>May you be ever vigilant!
>>
>>
>
>Jon is spot on here. Neither of us are saying Honeypots are, in and of
>themselves, bad. However, you must be extremely careful. Liken it to
>handling a disease. For the entire lifetime, you have to be paying a
>tremendous amount of attention.
>
>Mike
>
>
More information about the TriLUG
mailing list