Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

8/4/2003

Sweet Security

Filed under: Criticism, Marginalia, and Notes,Geek Work — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:24 am for you boring, normal people.
The moon is Waning Gibbous

Honeytokens are the latest “sweet security” tool to nab hackers, according to this article on SecurityFocus.

Okay, so here’s how it works. Say a hacker gets into your system. How are you to know? Well, let’s say you setup data of some kind that no one would have a real reason to access. So, if someone does access it, that read attempt serves as a red-flag.
Here’s an example. Say on a Human Resources directory you setup a file labeled “ProposedSalaryChanges.XLS”. Now, you know that no one in HR made the file. HR knows not to use the file. So, if you see a user accessing the file, you know they’re snooping for data.
Another example. Say you set up a false record in a payee database for “George Bush”. Obviously, unless your company does business with the Whitehouse or the Bush family, there’s no reason anyone would need to access this record. But, to a hacker, it might stand out and arouse some curiosity. So, if someon accesses the fake record again, you’ve got a red-flag.

Pretty clever, isn’t it? I hope a lot of hackers hear about it and get scared enough to not violate security. Not that I think it’ll really slow too many of them down, but still…


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.