Skip to main content

Bring Back the Honeypots

 

"Honeypots were all the rage in the 90's - A raft of tools (and even a world-wide alliance) sprung up extolling their virtues but they never managed to live up to their hype. They were largely relegated to researchers and tinkerers on the fringes. At the same time, we have the Verizon DBIR telling us that most companies are first informed by 3rd parties that they are breached. This is a stupid situation to be in.  Well deployed honeypots can be invaluable tools in the defenders arsenal, and don't need to look anything like the honeypots of old. From application layer man-traps, to booby-trapped documents. From network-level deception, to cloud based honeypottery, we are bringing honeypots back!  During this talk, we will discuss and demonstrate the current state of the art regarding honeypots. We will explore the factors that limit adoption (and will discuss how to overcome them.) We will demonstrate new techniques to make your honeypots more "hacker-discoverable" & will share data from running actual honeypots in real organizations. We will also discuss (and release) OpenCanary, our new open source honeypot (along with supporting scripts and utilities).  Over the past few years, honeypots have gotten a bit of a bad rap. We will give you tools, techniques and takeaways, to move them from geeky time-wasters, to the most useful pieces of kit you will deploy."

Comments

Popular posts from this blog

LDWin: Link Discovery for Windows

LDWin supports the following methods of link discovery: CDP - Cisco Discovery Protocol LLDP - Link Layer Discovery Protocol Download LDWin from here.

Battery Room Explosion

A hydrogen explosion occurred in an Uninterruptible Power Source (UPS) battery room. The explosion blew a 400 ft2 hole in the roof, collapsed numerous walls and ceilings throughout the building, and significantly damaged a large portion of the 50,000 ft2 building. Fortunately, the computer/data center was vacant at the time and there were no injuries. Read more about the explosion over at hydrogen tools here .

STG (SNMP Traffic Grapher)

This freeware utility allows monitoring of supporting SNMPv1 and SNMPv2c devices including Cisco. Intended as fast aid for network administrators who need prompt access to current information about state of network equipment. Access STG here (original site) or alternatively here .