1. A box designed to attract {cracker}s so that they can be observed in action. It is usually well isolated from the rest of the network, but has extensive logging (usually network layer, on a different machine). Different from an {iron box} in that its purpose is to attract, not merely observe. Sometimes, it is also a defensive network security tactic -- you set up an easy-to-crack box so that your real servers don't get messed with. The concept was presented in Cheswick & Bellovin's book Firewalls and Internet Security. 2. A mail server that acts as an open relay when a single message is attempted to send through it, but discards or diverts for examination messages that are detected to be part of a spam run.
[glossary]
[Reference(s) to this entry by made by: {iron box}]