Security Year in Review: Honeypots
by Mirko Zorz - Monday, 16 December 2002.
This has been a great year for honeypots, finally this method of collecting security information got its deserved place under the spotlight as more people began to realize the benefits that a honeypot, deployed in their organization, brings.

In order to get the real picture of honeypots I contacted the person that's an authority on the subject - Lance Spitzner. He is the founder of the Honeynet Project, moderator of the honeypot mailing list, co-author of "Know Your Enemy", author of "Honeypots: Tracking Hackers" and also author of several whitepapers. He works as a senior security architect for Sun Microsystems, Inc.

Spitzner said: "I'm a huge fan of honeypots. I know of no other security technology that lets you turn the tables on the bad guys, honepyots give you the initiative. I've been using them for several years now to learn about how attackers operate, and the latest threats. When I look back, I'm amazed at how much I've learned. I'm extremely excited about the future of honeypots, we have only begun to tap into their potential. In many ways, I think honeypots are now where firewall technologies were eight years ago, or where IDS was five years ago. However, I'm even more excited about all the different roles honeypots can play. Not only can they be used to improve you security (by preventing or detecting attacks), they can be used to gain intelligence on new threats. In fact, that is where I think we will so the greatest growth in honeypots. Organizations can use them for early warning and prediction, trend analysis, or even cyber warfare."

There have been two things that marked this year as the most important year for honeypots ever:Earlier this year in an interview for HNS, Spitzner said: "It was a great start, as it was the first honeypot conference. However, I would like to see one that is more technical, covering a great spectrum of technologies (similar to my book)."

The future is wide open for the development of honeypot technology as more people begin to use it. There are not many solutions present at the moment but new ones will certainly appear during the following year. As regards the future Spitzner said: "We will also see dramatic improvement in how the technology works. Open Source solutions such as Honeyd and Honeynet will become easier to use. Commercial products, such as ManTrap, will communicate and work with other technologies, such as firewalls and IDS. I also think we will see more honeypot solutions released."

"Last, I think you will see more documented cases of honeypots in use. People don't realize just how much honeypots are being used today. For example, catching the latest worms or trend analysis of specific blackhat communities. I feel honeypots have a very exciting future, we are seeing a technology in its infancy." Spitzner added.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th