Date: Sun, 25 Jun 2000 10:40:51 +0200 (EET) From: Narvi <narvi@haldjas.folklore.ee> To: Stephan Holtwisch <sh@rookie.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: jail(8) Honeypots Message-ID: <Pine.BSF.3.96.1000625103546.2206X-100000@haldjas.folklore.ee> In-Reply-To: <20000625072049.A48985@rookie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 25 Jun 2000, Stephan Holtwisch wrote: > Hello, > [snip] > I do not know the jail implementation in FreeBSD too well. > However, to me it seems a very bad idea to run _known_ vulnerable > software within a jail, since that would mean the jail > implemenation must not have bugs. You wouldn't run buggy > software in a chrooted environment either, would you ? > In addition to this i don't see a real sense to run a 'victim' > Host as an IDS, where is the purpose of that ? > It may be fun to watch people trying to mess up your system, > but most likely you will just catch lots of script kiddies. > The thing is a booby-trap. It is somewhat similar to running a simulated "buggy" application with the sole puropse of catching the would-be attackers. I'm not sure if and how much it pays in the long run. > Stephan > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1000625103546.2206X-100000>