Date: Sun, 25 Jun 2000 12:48:17 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Narvi <narvi@haldjas.folklore.ee> Cc: security@FreeBSD.ORG Subject: Re: jail(8) Honeypots Message-ID: <4.3.2.20000625122615.00afbf00@207.227.119.2> In-Reply-To: <200006251557.e5PFvLX65947@cwsys.cwsent.com> References: <Your message of "Sun, 25 Jun 2000 10:40:51 %2B0200." <Pine.BSF.3.96.1000625103546.2206X-100000@haldjas.folklore.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:56 AM 6/25/00 -0700, Cy Schubert - ITSD Open Systems Group wrote: > > The thing is a booby-trap. It is somewhat similar to running a simulated > > "buggy" application with the sole puropse of catching the would-be > > attackers. > > > > I'm not sure if and how much it pays in the long run. > >I don't think it would hold up in court, as it would be entrapment. So >what would the sense be in setting up a booby-trap? How so? Only if you are with a law enforcement agency would it be entrapment. At least in the US, but then there is a term similar to "enticement" (forget the legalese version), which may apply. Doubtful, but entirely possible that by attracting bears with a honeypot, which is surrounded by a fence, which the bear climbs, falls, and then has recourse to turn around and sue you for tempting it. Regardless, I'm fairly certain that the authorities would be interested. Other than that it does have merit if it distracts script kiddies from trying for the real stuff, as well as alerting other providers of possibly hijacked accounts or AUP violations. Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.20000625122615.00afbf00>