A computer or computer network set up to “pretend” that it offers some real service, such as a Web or Email service, on the Internet. The real purpose of a honeypot is, in fact, to lure crackers. The computer or network is closely monitored by an expert to find out how a cracker breaks into the system and what he or she does to compromise it. Generally, honeypots contain legal warnings in their banners advising crackers to leave. Honeypots can also observe individuals who run botnets, a network of compromised machines controlled remotely by crackers.
In March 2005, a new honeypot was said to be able to trap crackers using Google queries to discover vulnerable systems. These crackers would normally use search engine queries to find sites whose URLs contain a particular string of words or phrases indicating that the site uses vulnerable applications.
Legal issues about whether honeypots infringe on crackers’ privacy rights have arisen in recent years and will likely continue to emerge and be resolved in court.
Honeypots.net. Intrusion Detection Articles, Links and Whitepapers. Honeypot.net Website. http://www.honeypots.net/ids/links/; Penton Media Inc. Google Hacking: No Longer a Sure Thing for Intruders. [Online, March 19, 2005.] Penton Media Inc. Website. http://list.windowsitpro.com/t?ct1=48C6:4FB69; The Honeypot Project and Research Alliance. Know Your Enemy: Tracking Botnets. [Online, March 13, 2005.] The Honeynet Project Website. http://www.honeynet.org/papers/bots.