Online vandals and network intruders used to finding easy prey on the Internet had better watch out.
The Honeynet Project--a group of experts in computer security, information intelligence and psychology--unveiled Thursday its plans for improving "honeynets," collections of computers designed to let hackers break into a false network while allowing investigators to watch their every move. The new software and hardware that project leaders proposed at the Black Hat Briefings security conference will make honeynets easier to set up and cloak, turning computer cracking into a complex game of online Russian roulette for would-be intruders. |
"Right now, the attackers are not worried because there is only one honeynet," said Lance Spitzner, a senior engineer with Sun Microsystems and leader for The Honeynet Project. "The more we deploy, however, the faster we will find (the attackers). We'll be watching."
Expanding on the concept of the "honeypot," a software application that pretends to be a hapless server on the Internet, the honeynet is a network of standard computers that is watched closely by a combination of surveillance technologies.
An intrusion-detection system triggers a virtual alarm whenever an attacker breaches security on one of the networked computers. A stealthy keystroke logger watches everything the intruder types, from commands to e-mails to chat sessions. A separate firewall cuts off the machines from the Internet anytime an intruder tries to attack another system from the honeynet.
While the spoofed network could give investigators the time to track any intruders into the network, Spitzner said that's not the point. "Our goal has never been nor never will be to catch hackers," he said. "We are deploying the systems to gather data on the enemy."
Read the whole story Here
Source: Cnet
