 COLUMN
 |
 |
Security Adviser
P.J. Connolly
|
Your mother was right
IT'S TOO EARLY for even a nut like me to start thinking about football -- the American kind, with helmets and pads, that is -- but I was reminded of it after seeing some taunting in my own world. In pro football, of course, taunting is the infraction the referee calls after he blows the whistle on an end-zone celebration resembling the finale from Grease. Referees have sound reasons for curbing one's boastful tendencies during a game; my favorite memory is of a player who leapt up for a (very) high five, pulled a hamstring, and spent five weeks injured.
Taunting isn't a smart thing to do on the Internet, either. Someone with a little bit of motivation has a number of ways to mess with your company's security, and the lack of skill needed to pull off a simple attack like DNS server flooding should give one pause about what can happen when someone, say, a hacker, is ticked off. (I know, I probably sound like your mother, telling you to be polite to strangers and sit up straight.)
Seriously, though, the only thing more dangerous than a curious hacker is a hacker with a grudge. It doesn't really matter whether or not the grudge is valid; heck, it might not even be a grudge. He (although I wouldn't put it past some women I know, but the record indicates that these folks are usually young men) might just be trying to impress someone or "make his bones" in a hacker club.
But one way to make sure you've offended a hacker is to make him feel foolish. Suckering a hacker into a honeypot system -- one that creates a false environment to attract attackers away from your production systems -- is a good way to leave a youth with egg on his face, looking for revenge. That's why when you use a honeypot, make sure that it's on a secured and separate network.
Someone in New Zealand learned that the hard way back in June when security consultancy Co-Logic fell victim to the PoizonBOx hacker group, which took advantage of an incorrectly deployed honeypot and defaced the company's Web site. The real site was vulnerable because of files left behind on a Windows NT 4 server after Microsoft Front Page -- a bundled Web design tool -- was uninstalled, according to press reports. The company's management tried to put a bright face on the situation by pointing out that the vulnerabilities were previously unknown, but it makes you wonder how anyone in IT security sleeps at night.
Of course, keep a few other things in mind when you set a honeypot. You have to keep the phony site's content fresh. Nothing gives away a trap faster than stale bait. Don't forget to put your administrators on 24-hour alert, if they aren't already. After all, hackers don't work banker's hours. And don't taunt your attackers. If nothing else, it's unprofessional.
P.J. Connolly (pj_connolly@infoworld.com) covers collaboration, groupware, messaging, networking, operating systems, and security for the Test Center. Get this column free via e-mail each week. Sign up at www.iwsubscribe.com/newsletters .
RELATED SUBJECTS
 Security
MORE >
SPONSORED WHITE PAPERS
EMC
- Lower costs and improve reliability-Get the EMC CLARiiON white paper!
Ciphertrust
- Are you ready for Sobig.G? Learn how to protect your email systems.
CDW
- Personal attention. CDW. The Right Technology. Right Away.
EMC
- Explore key performance features and capabilities of EMC ControlCenter 5.1.1.
Intel
- Free Intel white paper shows you how to deploy a secure wireless LAN
Cisco
- FREE WHITE PAPER: BLUEPRINT to design and implement secure VPNs
Verity, Inc.
- "Mass Consolidation Hits the Web-Search Market"
McDATA
- Download a FREE storage consolidation white paper from McDATA(R).
Lucent Technologies
- Overcoming Common Firewall Limitations
Lucent Technologies
- Leverage Your Mobile High Speed Data Access. Download Free White Paper!
Nokia
- Get the scoop! Mobilizing business white papers & case studies.
BMC Software
- Maximize the Potential of Enterprise Data: Free white paper!
Network Associates
- Free white paper - Strategies for Optimizing Network Costs and Benefits
Entrust
- Manage identities across applications. Improve productivity.
Stalker Software
- CommuniGate Pro - Transform your Email and Calendaring
Remedy
- A NEW Gartner Research Note:Producing Quality IT Services
Search the IDG White Paper Library:
|
SPONSORED LINKS
|
