Google Hack Honeypot - keeping the web sweet
If you thought that a honeypot was just something that bears in children’s stories love, then it may be time to think again: Google Hack Honeypot has been developed in response to the latest type of malicious web traffic, whereby search engines are used as a hacking tool.
So how has this come about? Well, the Google search engine has become a powerful tool, which allows for searching on an immense amount of information, and at the same time, the spread of web-based applications, such as message boards and remote admin tools, has meant that there has been an increase in the number of misconfigured and vulnerable web applications available. Insecure tools such as these, when combined with the power of a search engine and index such as Google, results in a clear means of attack for hackers.
To counteract this, a honeypot is a trap set up to detect and counteract any attempts at unauthorized use of information systems. Generally it consists of a computer that appears to be part of a network, but which is in fact isolated, and which seems to contain information that would be of value to malicious hackers.
A honeypot makes a great surveillance and early-warning tool, and it doesn’t even have to be a computer - it can be files, data records, or even an otherwise unused IP address space. Honeypots should not actually have any legitimate traffic or activity, so that whatever they do capture can then be presumed to be malicious. To illustrate this: a honeypot does not need any kind of filter to separate ordinary e-mail from spam, because ordinary e-mail never comes to a honeypot. A honeypot is basically something that appears to be vulnerable, but in reality is recording illicit use by the bad guys of the computer world.
The Google Hack Honeypot allows administrators to track malicious hosts, allowing them to observe who is perpetrating the attack, and how it is being carried out via the log. This record of data can then be used to deny future access to attackers, and to notify service providers of attacks originating from their networks.
So if you want to keep your site well-protected, you might think about using a honeypot – another tool in our armory against the bandits of the internet.