Payback on Web Attackers: Web Honeypots presented at AppSecUSA 2012

by Simon Roses Femerling,

Tags: Security

Summary : Honeypots have played a key role as a defensive technology for a long time in IT security with the first public work by Clifford Stolls The Cuckoos Egg on 1990 and later Bill Cheswicks An Evening With Berferd on the 1991 [2]. For a detailed honeypot history we recommend the book Honeypots: Tracking Hackers.
Wikipedia defines a honeypot as a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.
Web attacks are the most common form of attack these days due to that it is easy to automatize attacks and web apps suffer from multiple attack vectors. For a detailed web attack landscape report we recommend Impervas Web Application Attack Report, Edition #2 January 2012 [5].