Honeypot

Victim machine used to draw in attacks

A honeypot is a system set up to draw in malware, spam and hacking attacks.

Any malware or spam that targets the honeypot can be gathered and analysed, either as part of a defence system, where data gleaned from the honeypot system is applied directly to filters protecting genuine systems, or simply for research purposes, where malware samples are gathered for security labs or product testing.

Honeypots often run real versions of the operating system being studied, typically with deliberately weak security - for example lacking security patches and firewalls. Such systems may even be set up to automatically browse websites and open email attachments, spoofing the activities of a real user. Such a honeypot is usually restored to a clean state at regular intervals, to ensure any infections do not interfere with continued operations of the trap.

Alternatively, a honeypot may be a more secure system running a virtual machine, or emulating the access points and responses of a vulnerable machine.

A honeypot dedicated to gathering spam messages is generally known as a spam trap.

Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments
Jobs Recruit Sidebar

VB100 certification

VB100 This month VB's test team put 26 products to the test on Windows Server 2008. John Hawes has the full results.
See full results.
Virus Bulletin currently has 190,801 registered users.