by Conrad Constantine
It might seem like a strange question, but I wonder how many readers are running a honeypot network in their infrastructure? If you’re not then let me be the first to say that you really should.
This could be a slightly controversial view as, all too often, honeypots are misunderstood and mistrusted. People across the IT security space are very good at raising concerns about why they shouldn’t be used and why they’re not a good idea, but I really couldn’t disagree more I’m afraid! I firmly believe that honeypots have a key role to play in any organization’s security arsenal.
Let’s start at the beginning, what is a honeypot? Put simply, it is a machine that is designed to tempt any unknowing attacker to target it, whilst being configured to trace the origins of the attacker and identify them. However, this can lead to the perception that honeypots can be a quagmire of risk and liability, as well as raising understandable concerns about willingly allowing an attacker to access your system under your control.
Source: Help Net Security