Evaluate

The pros and cons of using a honeypot

I understand to a certain extent what a honeypot is and what it does -- but what are the issues you have to be careful about when implementing one? A vendor is trying to sell us one, making it sound very easy to install and configure. But what are the pros and cons of a small company trying to implement one?

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Personally, I am not a supporter of honeypots, so it is difficult for me to discuss many pros. About the only pro worth mentioning, is that the honeypot is likely to be attacked before your real network and if appropriately monitored, can help you stop the attack before it gets to your critical machines.

As for cons, there are a few. First, do you really want to attract attackers to your network? That's why it's called a honeypot. Just like attracting bees to the honey, instead of your picnic. Second, do you have enough extra equipment to set up a honeypot that looks real enough? As more honeypots have been put in place, attackers have begun to recognize and avoid them. Finally, do you have the necessary staff to monitor the honeypot, in addition to your other network defenses?

Most small companies would be better served in having a good, well-monitored firewall and having staff concentrate on keeping all systems current, with regard to security patches.

I'm sure the honeypot sales people have a different view, and I invite them to share their opinion in the .k5u2aPZwccR^0@/searchsecurity>searchSecurity Discussion Forums.

This was last published in May 2001

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

Related Resources

Dig Deeper on Wireless network security

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.