Sunday, July 3

honeypots

While reading this:
The 12-minute Windows heist says "(t)here is a 50 percent chance your unprotected Windows PC will be compromised within 12 minutes of going online ...
I was reminded me of the time I helped setup a network monitoring booth at a tradeshow. It was only a few minutes after we were online before we saw the probes starting, seeking weaknesses in our network. I seem to recall this being one of the SuperComm shows.

The moral? Anyone who connects to the Internet and isn't already behind a firewall or a properly configured router was probably compromised before they could even get the software configured! If it wouldn't be more trouble than it's worth, I'd like to bring a honeypot online and just watch, for old times' sake.

Finally, I'm not sure why Microsoft doesn't emphasize their Microsoft BS Analyzer (MBSA) more. I suspect they know something I don't ...

No comments: