Honeypot is the reaction to a new type of malicious web traffic: search
engine hackers.
Here's my take on it (please correct me if I'm
wrong):
- It's not a new type of malicious web traffic. Google's
spider generates the traffic (it's legitimate traffic). At that point,
exposure is your (the owner's) problem. - It's not a new type of
malicious web traffic. It's a reconnaissance technique and is not
necessarily malicious as the tools/techniques are available to
all. - I think it slightly misses the definition of a honeypot in
that attackers are researching known exploits via Google and are getting
pointed towards GHH. At best, you might get a list of IPs attempting to
exploit a vulnerability. - As GHH relies on Google entries to
point to the honeypot, it lessens Google's accuracy just a bit more
(little though it may be).
That said, I'd still like to try
it out as it IS an interesting approach.
Comments, thoughts,
beatings?
No comments:
Post a Comment