Honeypot is the reaction to a new type of malicious web traffic: search
Here's my take on it (please correct me if I'm
- It's not a new type of malicious web traffic. Google's
spider generates the traffic (it's legitimate traffic). At that point,
exposure is your (the owner's) problem.
- It's not a new type of
malicious web traffic. It's a reconnaissance technique and is not
necessarily malicious as the tools/techniques are available to
- I think it slightly misses the definition of a honeypot in
that attackers are researching known exploits via Google and are getting
pointed towards GHH. At best, you might get a list of IPs attempting to
exploit a vulnerability.
- As GHH relies on Google entries to
point to the honeypot, it lessens Google's accuracy just a bit more
(little though it may be).
That said, I'd still like to try
it out as it IS an interesting approach.