|FROM ||Ruben Safir
|SUBJECT ||Subject: [Hangout-NYLXS] Tech News - Honeypots
|From hangout-bounces-at-nylxs.com Sat Feb 11 18:57:01 2017
Received: from www.mrbrklyn.com (www.mrbrklyn.com [184.108.40.206])
by mrbrklyn.com (Postfix) with ESMTP id 10FF2160E77;
Sat, 11 Feb 2017 18:56:59 -0500 (EST)
Received: from [10.0.0.62] (flatbush.mrbrklyn.com [10.0.0.62])
by mrbrklyn.com (Postfix) with ESMTP id C97ED160E77
for ; Sat, 11 Feb 2017 18:56:47 -0500 (EST)
From: Ruben Safir
Date: Sat, 11 Feb 2017 18:56:47 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
Subject: [Hangout-NYLXS] Tech News - Honeypots
Reply-To: NYLXS Discussions List
List-Id: NYLXS Discussions List
Content-Type: text/plain; charset="utf-8"
There are a few interesting articles on security, mostly from the
register, which I wish you pass along
First, Honeypots are in the news
Feature The hackers breached the transport operator's systems and before
they knew it had sent a passenger train hurtling into a wall. And the
only reason you didn't read about it in the papers was that the systems
were an entirely fictitious network created in 2015 to test just how far
snoopers or crims would go in attacking vulnerable transport systems.
"HoneyTrain was also a great experiment to analyze the adversary's moral
limits," says Lukas Rist (-at-glaslos), chief research officer with the
Honeynet Project, which helped build the fake train system known as the
HoneyTrain. "They had attackers derailing a train or running the train
at full speed into a dead end."
Over the course of two weeks, HoneyTrain [PDF], complete with working
model trains and real security CCTV camera footage of train stations,
suffered a staggering 2.7 million attacks.
Those attacks are a graphic demonstration of "honeypots", the practice
of deliberate deception aimed at observing attackers.
The practice is widely used in information security circles, thanks
largely to the Honeynet Project, a non-profit much-respected security
initiative that maintains and advocates for honeynets through 23 global
chapters. Honeypots and the much larger and more complex honeynets are
popular research tools to lure attackers, revealing their tools and
tactics, but also operate as a line of defence for corporate networks.
A honeypot works like this: A hacker breaks into what they think is an
unpatched and forgotten server on a company's corporate network,
grabbing privileged Active Directory accounts from one place, and
watching what looks like traffic indicating user activity. To the
hacker, it looks like the entry point into a multi-million dollar
But it=E2=80=99s all a mirage. All the servers they have accessed are
carefully-prepared fakes, designed by corporate security to make the
attacker believe they had broken into the corporate network. The
attacker has wasted their time and, worse, revealed their attack
techniques. Some even waste a piece of custom malware.
And that's just the way honeypot operators like it.
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
hangout mailing list