1. A box designed to attract {cracker}s so that they can be observed
in action. It is usually well isolated from the rest of the network,
but has extensive logging (usually network layer, on a different
machine). Different from an {iron box} in that its purpose is to
attract, not merely observe. Sometimes, it is also a defensive
network security tactic -- you set up an easy-to-crack box so that
your real servers don't get messed with. The concept was presented in
Cheswick & Bellovin's book Firewalls and Internet Security.
2. A mail server that acts as an open relay when a single message is
attempted to send through it, but discards or diverts for examination
messages that are detected to be part of a spam run.
[glossary]
[Reference(s) to this entry by made by: {iron box}]