Answer the following questions. Your answer should be complete and at least one

Question

Answer the following questions. Your answer should be complete and at least one page in length.

Although honeypots are common, some security professionals believe they should not be used because they encourage attackers. What do you think? Using the Internet and other sources research the ethical and legal issues that surround using honeypots. Could creating a honeypot be entrapment? What ethical issues surround using a honeypot to trick attackers? Does the information gained from a honeypot outweigh the risks?

Explanation / Answer

Honey pots:

    The role of decoy-based intrusion-detection technology, or "honeypots," is evolving. Once used primarily by researchers as a way to attract hackers to a network system in order to study their movements and behavior, honeypots are now beginning to play an important part in enterprise security. Indeed, by providing early detection of unauthorized network activity, honeypots are proving more useful to IT security professionals than ever.

There are two types of honeypots:

·         Research: Most attention to date has focused on research honeypots, which are used to gather information about the actions of intruders..

·         Production: Less attention has been paid to production honeypots, which are actually used to protect organizations. Increasingly, however, production honeypots are being recognized for the detection capabilities they can provide and for the ways they can supplement both network- and host-based intrusion protection.

provides a more technical list of the types of honeypots. Here are some of the types listed. Honeypots can generally be divided into different categories, low-interaction, medium-interaction and high-interaction honeypots respectively.

The use of honeypots is a very controversial topic and although deemed legal to use, how ethical are they really? Some experts deem honeypots as a cause for entrapment. As for entrapment, although this is not a legal problem, this does not mean that the way a honeypot entices attackers is not unethical." The argument is that since it is both unethical and illegal to lure someone into stealing an object.

            Other experts consider honeypots not only unethical, but a disadvantage to the computer world since they are in essence building the better hacker,because more and more hackers are training themselves to be aware of honeypots and working around them, thus making secure systems a difficult ideal to achieve.

                              Honeypots have their advantages and disadvantages. They are clearly a useful tool for luring and trapping attackers, capturing information and generating alerts when someone is interacting with them. The activities of attackers provides valuable information for analysing their attacking techniques and methods. Because honeypots only capture and archive data and requests coming in to them, they do not add extra burden to existing network bandwidth. However, honeypots do have their drawbacks. Because they only track and capture activity that directly interacts with them, they cannot detect attacks against other systems in the network. Furthermore, deploying honeypots without enough planning and consideration may introduce more risks to an existing network, because honeypots are designed to be exploited, and there is always a risk of them being taken over by attackers, using them as a stepping-stone to gain entry to other systems within the network. This is perhaps the most controversial drawback of honeypots.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.