Honeypots as an early warning system

I often recommend that my clients set up and use a honeypot, and not just because my last book was entitled Honeypots for Windows . Honeypots are any non-production computer asset set up only as a target for hackers and malware. A honeypot is usually a PC, but it could be a Cisco router, Ethernet switch, or HP JetDirect card. Many people think honeypots are non-necessary devices used by security administrators to track uberhackers. And while thatís partially true, today I recommend that every company use one or more honeypots.

Why, you ask? Because all computer security defenses will fail. Your firewall will fail. Your anti-virus software will fail. Your IDS and all of your employee education will fail, if not once a year, then several times. That being the case, step two is to get the fast notification that your defenses have failed. Honeypots as an early warning system | InfoWorld | Column | 2005-12-16 | By Roger A. Grimes

Linked by shanmuga Saturday, 17th December 2005 2:41AM