Would it be possible to set up a honeypot that doesn’t just defend, but also counterattacks? For example, it could be a piece of malware that is propagated to the attacker’s computer when the honeypot is tripped. The attacker would not be able to accuse the defender of giving him malware without revealing his own complicity in the attempted cyberattack.

Of course, if CFAA prohibits this, then that’s the big reason why this isn’t done. Perhaps we need to legalize more active cyber defenses rather than force sysadmins to rely on passive defenses.

Share This Discussion

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.