Hosting Provided By

Re: Honeytokens and detection

From: David Zbonski <dzbonski(at)hotmail.com>
Date: Sun Apr 06 2003 - 16:04:28 EDT

I think the idea is great but I think if the numbers (or tokens) were public it would be self-defeating. The would be theif might easily avoid pulling the token like a theif avoids pulling the last bill from a bank drawer to avoid setting off the alarm. Wouldn't it be best for each instiution to create their own? The security would be in detecting and alerting on the movement of the token information. I think it falls into "security by obscurity" but I also feel that this does not mean that it is wrong - it just means that you can't count on it 100%. It is a part of that larger puzzle of keeping data safe and systems useable.

Just my two cents.

David Zbonski
Zbonski Consulting
www.zbonski.com

>From: Lance Spitzner <lance@honeynet.org>
>To: Focus on Intrusion Detection Systems <FOCUS-IDS@SECURITYFOCUS.COM>
>Subject: Honeytokens and detection
>Date: Thu, 3 Apr 2003 16:45:06 -0600 (CST)

Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail

ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis Learn why 70% of today's successful hacks involve Web Application attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71 Received on Mon Apr 7 19:23:59 2003

This message: [ Message body ]
Next message: Augusto Paes de Barros: "RES: Honeytokens and detection"
Previous message: Grant, Liam: "RE: Honeytokens and detection"
In reply to Lance Spitzner: "Honeytokens and detection"
Next in thread: Pete Herzog: "RE: Honeytokens and detection"
Reply: Pete Herzog: "RE: Honeytokens and detection"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:11 EDT