I was just curious what some of you are doing for passwords for the "users" on your honeypots? I was reading the paper by the Distributed Honeypot Project, nice write up btw, and noticed they used a randomized password which foiled the attempts of one prospective hacker. Are you using random passwords, real words, or is it dependent on what type of data you are collecting? I would think that if you used too strong of a password, i.e. random letters, numbers etc at least 7 characters long, would deter some hackers and the chance to gain intelligence would be lost. Do any of you who are running honeypots have a policy on this? Or just some thoughts on the subject?

Sincerely,

Louis Brooks

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]