◆ SpookStack

In Page 1 of 4 Subject: Lamo ToL) at iecaerrcn conzarnes EEREIN Sorry | forgot to send this NY Times article to you. D6 -1,2 LL] pIC -1,2 April 28, 2003 A New Way to Caich a Hacker By NICHOLAS THOMPSON or @ computer security professional, Lance Spitzner has an unusual goal: He wants ill-intentioned hackers to steal more Social Security numbers and medical records. Mr. Spitzner, a former Army officer, spends his days working at Sun Microsystems and his evenings running the volunteer Honeynet Project, a group of security . professionals working to track hackers. Until recently, the four-year-old nenprofit effort focused on building and monitoring honeypots ? computer systems designed to be easily penetrated so that Honeynet volunteers can covertly scrutinize hackers' tricks when they break into the systems. Now Mr. Spitzner, 32, is focusing his efforts on a different type of defense based on the insertion of "honeytokens" into real databases and systems. Honeytokens are pieces of seemingly enticing information that have no useful value. Embedded in ways so that no innocent person should accidentally stumble upon them, honeytokens trigger alarms when viewed, grabbed or downloaded. For example, a bank could insert a fake credit card number into its files and hen set up a program called a "sniffer" on the network that would send out an alarm if anyone touched that particular number. The term “honeytokens” was coined on Feb. 21 by a programmer named Augusto Paes de Barros who used it in an e-mail message to a list of security . professionals. But the idea is not new. t dates back in computing at least to 1986, when Clifford Stoll, a programmer at Lawrence Berkeley Nationa! Laboratory in California, buried ake records for an organization called the Strategic Defense Initiative Network deep in his bo -1 b7C -1 FBI(19-cv-1495)-1779