spacer [an error occurred while processing this directive]
Home
About the Project
Challenges
Presentations
Whitepapers
Tools
Our Book
Funding/Donations
Status Reports
Mirrors

spacer
spacer  
FAQ
spacer

This page answers some of the most frequently asked questions concerning the Honeynet Project.
Last Updated: 26 October, 2007

  1. Why are you guys doing this?
  2. Why are you publishing your research, doesn't that give the badguys the advantage?
  3. What is the difference between a honeypot and a Honeynet?
  4. What do you do to attract threats to your honeypots?
  5. What about advanced threats, have you captured their activity?>
  6. Once compromised, can't the bad guys use one of your honeypots to attack someone else?
  7. Do you prosecute the people that compromise systems within the Honeynet?
  8. Aren't honeypots a form of entrapment?
  9. Do you have a maillist I can join?
  10. How can I join or become involved with the group?
  11. What is a Chapter?
  12. What happened to the Research Alliance?

1. Why are you guys doing this?
Because we want to make a difference. Its our goal that the concepts, information and tools that we provide (at no cost) will help improve the security of the Internet. Often people think its odd we put so much time and effort into our work and then share everything with the public (not a very good business model :). We wouldn't have it any other way.

2. Why are you publishing your research, doesn't that give the badguys the advantage?
Yes, this could give the bad guys an advantage. By sharing our research the bad guys will know what we are up to. However, we are dedicated to research and we feel the best environment for that is where ideas and technology are freely shared. That is why we are dedicated to the ideas of OpenSource.

5. What about advanced threats, have you captured their activity?
That depends on what you consider an advanced threat. We capture information on common threats, attackers that target the public at large. For example, cyber crime. We do not collect information on threats that target a specific organization or government entity.

6. Once compromised, can't the bad guys use one of your honeypots to attack someone else?
Potentially yes. We have developed tools and techniques to mitigate this threat, but the risk exists. We use several layers of access control devices that limit and control what type of outbound connections are allowed, and how many. To learn more about these measures, refer to the paper Know Your Enemy: Honeynets.

8. Aren't honeypots a form of entrapment?
No. To learn more why, read the legal chapter from our book, which is available for free at our Book site.

9. Do you have a maillist I can join?
Yes, lots of them in fact! If you are interested in getting involved with any of our development efforts, check out our Public Development Maillists. If you are interested in honeypots in general, we recommend SecurityFocuse's Public Honeypot Maillist.

10. How can I join or become involved with the group?
We are always looking for new people and ideas! The best way to get involved is find a Chapter local to you and contact them. If there is no chapter near you, think about starting your own!

11. What is a Chapter? A Chapter is a smaller, self-governed organization within the Honeynet Project. As we are a global organization with members around the world, we found we needed a distributed way to govern ourselves as we grew. You can learn more about all of our Chapters online at our Chapters page. Or, if you like to start your own, contact project@honeynet.org.

12. What happend to the Alliance? The Alliance was an informal grouping of different members and organizations around the world. As we continued to grow, this model worked so well that we incorporated the original Alliance organizations into the Project as Chapters, creating a global organization and with it, opportunities to participate and collaborate effectively on a global scale. With our new bylaws, we have formalized our governance and structure. This change officialy took place on 07 Aug, 2007.


Back to Top