Everything is a honeypot.
Several terabytes of honeypot F-35 data was stolen here.
Computer Spies Breach Fighter-Jet Project - WSJ.com
As usual with the Chinese members here, you do not read and try to understand your source, so I will do it for you...
In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren't able to access the most sensitive material, which is stored on computers not connected to the Internet.
Not only is it important on how to design a honeypot to make it appears not to be, it is equally important that at least a sizable amount of data be available for the intruder to access and copied, because if the data is too scant and/or too unbelievable, the intruder may not stay inside the system long enough for me to record and learn his techniques and where he came from.
SANS: Intrusion Detection FAQ: What is a Honeypot?
You will want to make your Honey Pot an interesting site by placing "Dummy" information or make it appear as though the intruder has found an "Intranet" server, etc. Expect to spend some time making your Honey Pot appear legitimate so that intruders will spend enough time investigating and perusing the system so that you are able to gather as much forensic information as possible.
What is 'dummy information' does not necessarily mean false information and here is where you are confused. False information are outright falsehoods or lies. On the other hand, factually true information does not equal to
USEFUL information. Get that?
I can tell you a truth: I used to deliver newspaper when I was young and I worked hard enough to make me the wealthiest 12yr old in the neighborhood. I made $15-20 a week and in 1970s dollars, that would equal to about $100 today. I bought my own clothes, my own toys, and even my own food, and I treated my G/Fs very well. Heck, there are adults in China today that do not make $15-20 a week.
But is that factual truth
USEFUL to you? No, unless you are my biographer. You are only an intruder, not an analyst. Your job is to penetrate a network and stay inside that network
FOR AS LONG AS POSSIBLE. You have only enough mission briefing to know what to look for and copied, but not enough to recognize if the data is useful or not. Most likely, you would not even know if the data is out of date. You would not know the entire IEEE repository, so all I have to do is design the honeypot to include technical data that have only peripheral relationships to the true intent of the real network, the F-35X plans, for example. My intention is to keep you busy copying these truthful but ultimately useless data while I record your behaviors and finally your origin. How else can you explain that Mandiant, Trend Micro, the Pentagon, and others are able to ID-ed and correlate the location of China's cyber-spies unit?
If you think that what I said is unreal, then learn that during the Cold War, Soviet agents were lazy and unaccomplished enough that they ended up sending mainstream newspaper articles back to Moscow as 'intelligence'. I have already seen how technically ignorant and incompetent the Chinese members here...
I can place **** at a deeper level where I think you will need to stay long enough to find that stash, and when you do, you will realize that you have been had. But why should I do that? Why should I alert you to the fact that I busted you through a honeypot? I would share what I have learned so others could replicate to protect themselves.
Your argument is as stupid as the often boast that a Chinese Song-class diesel sub managed to surface in the middle of a US aircraft carrier battle group. If my subs could do that, why should I let the Americans know? Your problem is no different than the rest of the Chinese members here: lack of relevant experience. Then you think you know it all.
Man, stop living in denial China is powerful but not that it can be compared with US .
