Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
Personally, I am not a supporter of honeypots, so it is difficult for me
to discuss many pros. About the only pro worth mentioning, is that
the honeypot is likely to be attacked before your real network and
if appropriately monitored, can help you stop the attack before it
gets to your critical machines.
As for cons, there are a few. First, do you really want to attract attackers
to your network? That's why it's called a honeypot. Just like attracting bees
to the honey, instead of your picnic. Second, do you have enough extra
equipment to set up a honeypot that looks real enough? As more honeypots
have been put in place, attackers have begun to recognize and avoid
them. Finally, do you have the necessary staff to monitor the honeypot, in
addition to your other network defenses?
Most small companies would be better served in having a good, well-monitored
firewall and having staff concentrate on keeping all systems current, with regard to security patches.
I'm sure the honeypot sales people have a different view, and I invite them
to share their opinion in the
.k5u2aPZwccR^0@/searchsecurity>searchSecurity Discussion Forums.
This was first published in May 2001