Irish Honeynet attracts more hack attacks

25 Aug 2003

The number of attacks on the Irish Honeynet, a network set up specially to monitor hacker activity, is growing month by month. Latest recorded figures show more than 1,000 attacks over a 30-day period.

The Irish Honeynet was set up by Espion, Deloitte & Touche and Data Electronics in April 2002. According to Espion, a specialist computer security firm, the site recorded 1,363 individual attacks in June alone. There were 1,121 unique IP addresses, which Espion said indicated hackers performing a degree of reconnaissance before later deciding to attack the Honeynet website.

The IP addresses, Espion stated, show that the hackers come from 65 countries around the world. A good number of the addresses are most likely to have originated from computers that had already been compromised and were being used as springboards for hackers elsewhere.

The Irish Honeynet administrators say that some 45 ports were targeted, which reaffirms the need for companies to ensure that at the very least a well-maintained firewall is implemented.

The aim of the Irish Honeynet is to create an internet infrastructure similar to those commonly used by Irish companies. The only difference is that it is “wired” with detection sensors that capture all activity to and from the system.

A honeynet is not advertised in any way so that any traffic to it from the internet is suspicious by nature as it arises from hackers who are deliberately attempting to identify and attack systems that are vulnerable.

By John Kennedy