SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Lost in the Noise

By Steve Jones,

I'm glad I have well water. Not that it protects me, but it provides some insulation in the event that the local water company's systems were hacked and unclean water released. That hacking could happen, and the person in this piece speculates it is happening after a water authority honeypot attracted hackers from all over the world. It's scary to think how the world may change when any individual, as well as any country, could attack our digital systems. It means security is more and more important all the time.

As I read the article, I looked for a positive in the experiment. Was there something to take away from this research? The thing I thought of was the way in which hacker traffic was drawn to this system. Not that hackers were not also investigating other systems, but if honeypots existed, perhaps in enough places, would the additional targets provide more security?

That's an interesting idea. What if you had CRM/Sales/Inventory systems that were available for port scans, and hacks, but didn't connect to banking systems and had test/dummy data? Would a few of these provide some security by luring hackers into spending their resources on these systems instead of real systems? What if you had 4 or 5 instances of SQL Server, probably Express, responding to port scans and providing a relatively easy target. You could monitor these systems, and perhaps be more prepared for real attacks when they occur.

I have long felt that we can't completely eliminate threats and secure our systems from any unauthorized access. What might be worse is that we may not be able to separate real queries from fake ones. What we need is better monitoring and awareness of the traffic to our systems. Perhaps if we had honeypots that we could monitor, we would be able to draw some hacking traffic, identify users that were unauthorized and then use that information to better protect, or audit, our real systems.

Total article views: 98 | Views in the last 30 days: 1
Related Articles

Physical Security

The physical security of our systems might be a bigger problem in the future as more and more hacker...


Security Managemen Systems

problem with Security Managemen Systems


The Security of Interconnected Systems

We are interconnecting more and more computer systems and applications all the time. Security become...


Corporate Hackers

A report says that most of the data lost in corporations is from employees. What can be done about i...


SQL Server System Audit Report

Ensuring that your SQL Server is secure is the job of every Database Administrator. In this article ...