Steve Jones - SSC Editor (8/27/2013)[hrThe idea isn't just to have them attack a fake system, but also to learn about how they attack (and from where). The honeypots can also draw off the "Script kiddie" attacks. Those not made with targeted intent of achieving anything other than vandalism.
Trouble is that when the vandal wants to insert a picture of Minnie Mouse cuddling up to Kermit onto the home page of the National Bank of Grand Fenwick's website, he knows what IP address he has to attack - the one that the bank's customers and potential customers get when they ask the DNS network for WWW.NBGF.FENWICK.EU; so a honeypot on a different address isn't going to draw her (or him) off because it's obviously wrong. That of course doesn't mean that honeypots won't draw people off - but the people drawn off will not be script kiddies, because the script kiddies want to vandalise something whose address is well known, not something that doesn't have a well-known address.