Wednesday, 7 July 2010

Halting Hackers with Honeypots

Active surveillance of network and computer systems is expensive and time-consuming (and often fruitless). And this philosophy can mean that hackers remain undetected. A key issue with surveillance is that it can be tough to differentiate between legitimate and illegitimate activities.

A honeypot creates false targets that, when accessed, triggers an alarm. For example, if a hacker attempts to access an IP address that is not used. Likewise, a port-based honeypot could highlight requests on unused TCP ports. As Network World explains, "Entire computers, or even networks of computers, can be created to lure attackers."

Fully explore the complexities before implementing honeypots - as the law probably views this as 'entrapment,' and therefore couldn't lead to prosecution.