What exactly is a honeypot?

[amy_lase]

I have a question, what exactly is a honeypot? I looked it up on wikipedia/google, but I can't tell if its good or bad...

[David H. Lipman]

A Honey Pot is an attractant to catch bears. Bears like honey. You put out honey and you can catch a bear.

The term Honey Pot is often applied to a system that is implemented to lure in malicious activity much like putting out honey to catch a bear. A kind of sting operation.

In the anti malware community one may setup a computer that is directly connected to the Internet that does NOT have any safeguards or security and will in fact be deliberately left in an non-updated state such that there are open, exploitable, vulnerabilities to catch malware and malicious activity such as Internet Worms and hacking.

One sets up a Honey Pot to lure in the unwanted action. You don't have to find the malicious actor, they come to you.

You leave a bicycle unsecured on the sidewalk and place a camera to view the bicycle. You wait and watch to see if anyone takes the bait. If the bicycle is stolen you can catch them in the act and you have the evidence. The "Honey Pot" is bait.

[amy_lase]

Ah, I see. Interesting. Thanks for clarifying. I was curious, as it was a term I haven't heard before. The reason why I was interested is that one of my computers was connecting to an IP address that historically (according to project honeypot) was a malicious source. I was poking around on their website and found the term honeypot, and this spiked my curiosity.

[David H. Lipman]