Might be nice to see a honeypot setup to see who is lurking around to get into systems and to discourage that kind of behavior.

hmm...

I'm sure we could come up with a segment on honeypotting someone, but really every system, if it's setup correctly can be a honeypot of sorts. Correct logging and intrusion prevention will negate the need for honeypots.

On a related note,
I do know that Chris was looking to put together a hacking competition, I'll see if I can ask him what the status of that is.

Perhaps he has some other ideas on what a useful honeypot implementation might be.

Matt

I do know that Chris was looking to put together a hacking competition, I'll see if I can ask him what the status of that is.I have that proposal on my hard drive already <whistles quietly in the corner>

Personally, I can't see a point of a honeypot.

Great - you know someone was trying to access your system. Now what? You make your system more secure?? Perfect - why didn't you just make your system more secure to begin with?

Reviewing router logs will tell you a lot more than a honeypot will.

BTW - You'll need to sign up on the website to access it, but here is a whitepaper on what the cost of a data breach (http://www.vontu.com/downloads/ponemon_07.asp) is to an organisation. As an employee of a company that deals with financial data (both domestic and international) we get this hammered into us continually.

I would use a honeypot on a laptop like a mine detector or radar. It is also a good way to find possible threats and ensure what you need to protect your system. There are so many free or cheap used computers I would think the cost of a honeypot is almost nothing, Why be passive about security. Go after them first. I want to know about possible issues before they start banging on my door. Pineapples are reason enough......