Making a honeypot network security system work

Honeypots have largely been relegated to use by academia and antivirus vendors because most enterprise IT teams figure they're too expensive to run and could land their companies in legal trouble. But honeypots aren't as scary as all that, according to an expert on the topic who spoke at the InfoSec World Conference & Expo in Orlando Tuesday.

Honeypots -- servers that emulate production systems in hopes of luring hackers and sniffing out new threats -- can cost a lot to run, but most organizations probably don't need expensive ones, said Michael Davis, CEO of consultancy Savid Technologies.

Deploying a honeypot can cost from hundreds to thousands of dollars, but that there are plenty of ways to keep costs down and show upper management that there will be a solid return on investment, said Davis, a member of the Honeynet Project, where he is working Windows-based security.