A security company is attempting to catch hackers by luring them into traps within ecommerce websites.
vnunet.com, 07 Apr 2000
A security company is attempting to catch hackers by luring them into traps within ecommerce websites.
Firewall specialist Objectronix has launched a service accompanying its firewall product that uses dummy tools and data, such as false credit card details, to entice hackers into a trap.
Once the hacker has been lured into the trap - a controlled area of the firewall - a trace is automatically sent to Ojectronix's 24x7 attack response team. The team monitors the hacker's activity while in the trap and examines evidence once the hacker has moved on.
Chris Royle, a director at Objectronix, said: "It's like putting a sign up in a bank saying 'vault this way' when the vault is in the other direction, but perhaps not quite so blatant."
The team will assess how the attack was conducted, its source, and any other information to help identify the hacker. They then contact the police.
"The Honey Pot itself doesn't prevent hackers and in some ways it even encourages them, but it can help trace where the attacks are coming from and lead to the perpetrators being caught," said Royle.
Royle said that any potentially malicious traffic is directed to the Honey Pot which is specially designed not to be too difficult for the hacker to break into.
"Once he's in, there is a database of fake card details and user names to keep him occupied while the alarm bells have been set off. With a normal firewall you repel all these attacks, but you don't know who they are or where they are coming from. Once a hacker's in the Honey Pot, we can start to trace him."
Royle said hackers can only be traced while they remain in the Honey Pot. "But they will leave evidence behind when they exit, which can be used to trace them." he added.
The service is available now and includes web server software with dummy pages, a public domain database containing fake user details, and mail servers. No outbound connections are permitted from the Honey Pot, which resides on an isolated network on its firewall interface.
On a fully rented, managed basis, the service costs £4,000 per year plus a response fee for each incident.
Online research project highlights web server compromised in 15 minutes.
Hackers who broke into Microsoft's corporate network last month could have been lured into a hacker trap containing nothing more than dummy data, according to researcher Gartner.
A Federal Judge has issued a temporary restraining order against two hackers, prohibiting them from distributing an application that allegedly makes it easier for children to access appropriate online information.
The FBI has raided the home of a US hacker who they suspected was involved in a series of denial-of-service (DoS) attacks on major websites last month.
V3.co.uk gets a walk through of the Hero, which includes HTC's new Sense overlay for Android
First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1
NetGear's four-bay compact network-attached storage gets a serious speed boost
Do you agree?
Have your say on this article