Websites to set traps for hackers

A security company is attempting to catch hackers by luring them into traps within ecommerce websites.

Written by Jo Ticehurst

vnunet.com, 07 Apr 2000

Advertisement

A security company is attempting to catch hackers by luring them into traps within ecommerce websites.

Firewall specialist Objectronix has launched a service accompanying its firewall product that uses dummy tools and data, such as false credit card details, to entice hackers into a trap.

Once the hacker has been lured into the trap - a controlled area of the firewall - a trace is automatically sent to Ojectronix's 24x7 attack response team. The team monitors the hacker's activity while in the trap and examines evidence once the hacker has moved on.

Chris Royle, a director at Objectronix, said: "It's like putting a sign up in a bank saying 'vault this way' when the vault is in the other direction, but perhaps not quite so blatant."

The team will assess how the attack was conducted, its source, and any other information to help identify the hacker. They then contact the police.

"The Honey Pot itself doesn't prevent hackers and in some ways it even encourages them, but it can help trace where the attacks are coming from and lead to the perpetrators being caught," said Royle.

Royle said that any potentially malicious traffic is directed to the Honey Pot which is specially designed not to be too difficult for the hacker to break into.

"Once he's in, there is a database of fake card details and user names to keep him occupied while the alarm bells have been set off. With a normal firewall you repel all these attacks, but you don't know who they are or where they are coming from. Once a hacker's in the Honey Pot, we can start to trace him."

Royle said hackers can only be traced while they remain in the Honey Pot. "But they will leave evidence behind when they exit, which can be used to trace them." he added.

The service is available now and includes web server software with dummy pages, a public domain database containing fake user details, and mail servers. No outbound connections are permitted from the Honey Pot, which resides on an isolated network on its firewall interface.

On a fully rented, managed basis, the service costs £4,000 per year plus a response fee for each incident.

Tags:

Further reading

Related articles

Related whitepapers

Related jobs

Do you agree?

Have your say on this article

Most commented stories

More

IT white papers

Search vnunet IThound

Top categories

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Watch

05 Sep 2008

8.64 MBPodcast Special: Views from the Valley More...

Podcast image

04 Sep 2008

12.7 MBComputing podcast 4 September 2008 More...

Podcast logo

02 Sep 2008

8.39 MBEco-Entrepreneur Podcast: Bulldog More...

Listen to more

Poll

INTERNET EXPLORER 8

INTERNET EXPLORER 8

Are you intending to download Internet Explorer 8 when it becomes available?

Previous poll results

Spotlight

LogMeIn Rescue+Mobile

BlackBerry gets LogMeIn remote support

Rescue+Mobile lets a support technician take control of the handset   More...

Dell manufacturing plant

Dell planning factory closures to cut costs

Report claims that PC maker is looking to sell off...  More...

Google Chrome

More growing pains for Chrome

Google wrestles with licensing and security problems   More...

Smartphone

US takes 3G crown from Europe

Americans finally catch up with Europeans in adoption of 3G   More...

Primary Navigation