Why are you guys doing this?
Why are you publishing your research, doesn't that give
the badguys the advantage?
What is the difference between a honeypot and a Honeynet?
What do you do to attract threats to your honeypots?
What about advanced threats, have you captured their activity?>
Once compromised, can't the bad guys use one of your honeypots
to attack someone else?
Do you prosecute the people that compromise systems within
Aren't honeypots a form of entrapment?
Do you have a maillist I can join?
How can I join or become involved with the group?
What is a Chapter?
What happened to the Research Alliance?
1. Why are you guys doing this?
Because we want to make a difference. Its our goal that the concepts, information and
tools that we provide (at no cost) will help improve the security of the Internet.
Often people think its odd we put so much time and effort into our work and then share
everything with the public (not a very good business model :). We wouldn't have it
any other way.
2. Why are you publishing your research, doesn't that give
the badguys the advantage?
Yes, this could give the bad guys an advantage. By sharing our research
the bad guys will know what we are up to. However, we are dedicated to research and
we feel the best environment for that is where ideas and technology are freely shared.
That is why we are dedicated to the ideas of
5. What about advanced threats, have you captured their activity?
That depends on what you consider an advanced threat. We capture information on common threats, attackers
that target the public at large. For example, cyber crime. We do not collect information on threats
that target a specific organization or government entity.
6. Once compromised, can't the bad guys use one of
your honeypots to attack someone else?
Potentially yes. We have developed tools and techniques to mitigate
this threat, but the risk exists. We use several layers of access control
devices that limit and control what type of outbound connections are allowed,
and how many. To learn more about these measures, refer to the paper
Know Your Enemy: Honeynets.
8. Aren't honeypots a form of entrapment?
No. To learn more why, read the legal chapter from our book, which is available
for free at our Book site.
9. Do you have a maillist I can join?
Yes, lots of them in fact! If you are interested in getting involved with
any of our development efforts, check out our
Public Development Maillists.
If you are interested in honeypots in general, we recommend
Public Honeypot Maillist.
10. How can I join or become involved with the group?
We are always looking for new people and ideas! The best way to get involved
is find a Chapter local to you and contact them.
If there is no chapter near you, think about starting your own!
11. What is a Chapter?
A Chapter is a smaller, self-governed organization within the Honeynet
Project. As we are a global organization with members around the world,
we found we needed a distributed way to govern ourselves as we grew. You can learn
more about all of our Chapters online at our
Chapters page. Or, if you like
to start your own, contact firstname.lastname@example.org.
12. What happend to the Alliance?
The Alliance was an informal
grouping of different members and organizations around the world.
As we continued to grow, this model worked so well that we
incorporated the original Alliance organizations into the Project
as Chapters, creating a global organization and with it,
opportunities to participate and collaborate effectively on a
global scale. With our new
bylaws, we have formalized
our governance and structure. This change officialy took place on 07 Aug,