O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

22.5. Honeypot Monitoring

The final concept I want to mention in this chapter is that of a honeypot, a computer configured specifically to attract all the unsavory characters you normally try so hard to keep away from your Macs! Setting up a honeypot is something no one should undertake lightly — if you manage a small home or office network, especially one with few or no public servers, it's not worth your time or effort. However, honeypots can have value on large networks, especially those with high-value data or resources or those frequently the target of break-ins.

Because the design and administration of honeypots is a long and complex topic and this book is primarily geared toward those whose networks are too small to benefit from them, I've chosen not to provide detailed instructions here on setting them up. Nevertheless, honeypots are intriguing and useful enough that those interested in Mac security should have at least a passing acquaintance with how they work.

The main reason for honeypots is to provide a source of information — to help you, as a network administrator, discover exactly what the bad guys are up to without endangering your data. Based on what you see happening on the honeypot, you can take steps to protect your production computers and perhaps even predict imminent attacks.

Ordinarily, a honeypot's existence isn't advertised at all. It's just a computer sitting on your network, without any links or pointers to it whatsoever — but also with few or no security ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required