Term: honeypot

Like a pot of honey left out to trap a bear, a honeypot is a unprotected or partially-protected machine set up to allow malicious software or activity to compromise it.

The idea is simple: by leaving a machine vulnerable, it is likely to be attacked in some way. The owners of the honeypot machine can then examine both the source and technique of the specific attack and build defenses against it.

The term can be more generally applied to any machine left vulnerable to only specific attacks, including other forms of malicious behaviour (such as hacking). A government agency might place a machine with falsified information on it, so that while it looks important and confidential, they can monitor who attempts to break in and how.

“Honeypot” can also be applied to email. Agencies monitoring spam, for example, might set up email addresses and make them public so as to monitor what kinds of spam emails are then sent, so they can monitor the characteristics of spam over time.

« Back to Glossary Index