http://hackbusters.net/LaBrea/lbathome.html
Does anyone have any thoughts about using this?
Does it really help the "cause" of security, or is more of a "game" to play with hackers?
Thank you for your thoughts and opinions.

Scotcov

Well, a couple of thoughts...

First, be very cautious whenever you start thinking about trying to toy with or out smart the other guy. You don't know who is at the other end of a connection, and you don't know what their capabilities are or their intentions.

The only people that I think should be using tools to track, honeypot or tarpit hackers (or even script kiddies, for that matter - keeping in mind what I said above about not knowing the person on the other end) are people with the necessary skills, knowledge and setups to create their own honeypots or tarpits, and who don't need such a tool as the one linked.

Whenever we attempt to use a product like this, to help us play at a level that is beyond our own skills, we are asking for trouble. Defensive applications, like firewalls and AV/AT are one thing, we should use those, but this product? No, that's a little much. We need to be careful we don't become like the script-kiddie - delving into areas we don't understand, upon the power of someone else's tool.

Secondly, be sure this product's functions are within the TOS of your ISP before installing and using them. I, for example, could not use this tool. It makes it look like I have a webserver on port 80. My ISP does not allow people with my connection package to run servers. Their automated scanning bots might well find this product listening and responding on port 80 and I'd be warned about running a webserver.

In any case, I don't recommend this or any other such product. Just defend yourself and don't attract the attention of the bad guys. Your online life will be easier that way.

Best Wishes,
LowWaterMark

I'm afraid to ask.......what is it ?? ;D

bill

LowWaterMark

I was very impressed by your post....an truely wish others would offer the same so good advice......

many folks don't seem to realize the dangers involved...
nor how quickly a computer can be trashed....

snowman

Tar pits and honey pots are really for enterprise servers. They would usually have a whole server set aside to be the tar pit or honey pot. Without a spare networked computer, I wouldn't try it ::)

Thank you cnm and LowWaterMark. Very helpful answers. I definitely won't touch it!

Many Thanks,
Scotcov

I have to repeat my thanks to you guys/gals for the thoughtfullness and knowledge of the answers you gave me. I posted my question after I had read somewhere (I don't remember where), a group of people touting this tarpit use. They claimed that it was great for stopping hackers, and was easy to use. But I really got the feeling that they all saw it as some kind of fun game.
I knew I only had one place to turn for the correct answer! :D

What LowWaterMark says is true. It may not be wise to try to duke it out with someone who could potentially cause you more grief than it is worth is you are not knowledgeable enough.

That being said I have used Labrea extensively and found it did indeed tar connections. At first it was really exciting to tar some IP get stuck. Miraculously, I was running a real web-server on the same machine and there was no conflict! I am not currently running it, but now that you mention it I'll crank it up again. The last time I was at there site they said they were going to make it configurable to any port. I have no idea if they have yet. A 100,000 tar pits on 137 would be of benefit right about now.