You should see the look on people’s faces when I tell them certain aspects of applications I write are actually honeypots designed to make hackers waste time trying to figure out what a particular value represents.
One cool trick I use is in the links that pass values from one page in an application to the next.
The real value has a Base64 hashed value – it looks simply like a bunch of characters thrown together. Then there is another value in the link that simply says RecordID=123456.
Of course ‘RecordID’ is the honeypot.
The value is simply a RandRange() command producing a random number.
The idea is that the would-be hacker will first go for the easy numeric value and try to figure out what that is for before they try to take apart the Base64 (salted of course) value.
Anyway, give this article on InfoWorld a read, it has other nice information about how to employ honeypots.
Intrusion detection honeypots simplify network security | Security Central - InfoWorld
No comments:
Post a Comment