Group Uses Honey Pots to Track Threats
By Jeremy C. Wright, Staff Writer Wednesday, 8 December 2004 13:40 EST
IMlogic announced today that it will begin using “honey pots” to track malicious activity in instant messaging (IM) and peer-to-peer (P2P) networks. The move was announced in partnership with nearly every major IM and P2P company in the world.
The deal allows IMlogic to create a “Threat Center” which it will use to gather intelligence as well as to provide earlier warnings of viruses or other widespread issues on.
The Threat Center initiative revolves around the controversial honey-potting technique used to monitor and track illegal intrusions on a host or network that has been deliberately exposed with known security vulnerabilities.
Honey pots have been used in the past—mostly in e-mail environments—to trap malicious hackers and to collect data on the way intruders operate. Information collected in honey pots is typically used to power early warning and prediction systems.
According to IMlogic chief executive Francis deSouza, the company will manage a system of honey pots running on IM networks powered by America Online Inc., Yahoo Inc., Microsoft Corp., IBM Corp. and Jabber.
"These are IM honey pots that are specially created. They shouldn't be receiving any IM traffic outside of spam or malware so when we detect any activity on those IMs, it sets off a warning," deSouza said in an interview with eWEEK.com.
deSouza declined to say how many honey pots had been deployed or how the company planned to work around the legal ramifications of using the technique. In the past, the use of honey pots has raised questions about whether it constitutes entrapment.
"We've obviously paid attention to the mistakes made by e-mail honey pots. There is a preferred way to deploy honey pots and we have the advantage of launching now and incorporating everything we've learned from the e-mail honey pots," deSouza said.
Among other things, the data from the Threat Center's honey pots will be used to create a knowledge base of IM/P2P viruses and worms and an alerts-and-notification mechanism (by e-mail and IM) of new and emerging threats for subscribers.