
    Security Honey Pots May Snare Private Details

    Written by

    Michael Myser
    Published December 7, 2004

      Though some legal issues still surround “honey pots,” their use within the security industry is fairly common and is considered a critical weapon in fighting malicious hackers and viruses.

      “They're an incredibly valuable tool,” said Rich Mogull, research director at analyst firm Gartner Inc. of Stamford, Conn. “You can't really know what's happening without monitoring what's going on in the world. Honey pots and honey nets do a good job of this.”

      Setting up an unprotected server or network invites attackers to infect or examine the system. The honey pots are then used to track the hackers and collect data on the way the intruders operate. Information collected in honey pots is typically used to power early warning and prediction systems.

      “It's not something every organization needs, but I expect all security vendors to be doing something [like this],” Mogull said. “That's how you're going to find out what the new threats are, without compromising your real systems.”

      IMlogic Inc. of Waltham, Mass., told eWEEK.com it would use IM honey pots to drive its Threat Center initiative, which will warn vendors of new spam and malware attacks.


      Though Gartner's Mogull wasn't at all surprised that IMlogic would employ this technique, legal issues still can arise from honey pots if security vendors and enterprises aren't careful.

      For one, enterprises could be found liable if hackers were to use honey pots as a launching pad to harm another entity.

      “If you've created a dangerous, open resource, you've created a tool for hackers to use,” said Benjamin Wright, an attorney and instructor at the SANS Institute. “You need to avoid anything that encourages damage to a third party.”

      One way to avoid that, he said, is to label the honey pot as off limits, or a resource that is private property, which outsiders are not authorized to use. Such labeling also would help ward off the common defense tactic of citing “entrapment” in the case of prosecution.

      “Entrapment is when somebody induces the criminal to do something he was not otherwise imposed to do,” Wright said. He explained that it's a common misconception that organizations can be sued for entrapment, when in reality, it's used only to defend the accused and should not be a concern for enterprises.


      Privacy Boundaries

      Lance Spitzner, founder of the nonprofit security organization Honeynet Project, agreed, saying that neither liability nor entrapment has been an issue, but that privacy is a concern.

      “From a privacy perspective, you need to consider what you capture, how you capture it, and what you use it for,” Spitzner said. He said the main concern surrounds violating the federal Wiretap Act, which prohibits intercepting the content of communications.

      “Are you getting the conversations themselves?” he asked. “The more data you're pulling, the more potential privacy issues there are.”

      If a firm is capturing transactional information such as IP addresses, or examining malware contained in the communications, there likely is little to be concerned about. IMlogic told eWEEK.com its honey pots would likely only receive spam or malware, so conversations wouldn't be an issue.

      But there are still no hard and fast answers to some of these legal concerns.

      “There is no absolute authority, because there are so many variables involved and no precedents,” Spitzner said. The Honeynet Project recently published a book on honey pots, which includes a chapter (here in PDF form) on legal concerns by Richard Salgado of the Department of Justice.

      Security firm Sophos, based in the United Kingdom, isn't much concerned with the legal aspects of honey pots and is one of many vendors using various types to develop cyber-defenses.

      “We receive millions of spam messages into our traps from around the world,” said Gregg Mastoras, senior security analyst at Sophos. “We take those messages, dissect them, try to understand them, where they're coming from, and build protection around it for our clients.”

      Because it's a closed system—the spam and viruses the company receives don't get distributed from the Sophos system—and the company isn't building legal cases against spammers, there aren't legal implications for its spam traps.

      “Most of the security research companies use honey pots to get information on bad guys, malware, viruses and things like that,” Honeynet's Spitzner said. “Honey pots are also becoming more commonly accepted, so they're being used for marketing purposes by security firms.”

      “If you're going to develop products and services to defeat these, you've got to understand the basics of what they're delivering by actually getting some of them yourself,” Sophos' Mastoras said.
