Canary Accounts Warn of Hacks

Robert Graham of Errata Security makes a great recommendation in a recent post:

The first is to create "canary" accounts. Create accounts that have
e-mail addresses, like "". This
account is not going to get any spam e-mail. When it does get its first
spam, you'll know that it came from your database. When I create
recommendations for clients, this is always one of the first things I
suggest. (Likewise, if you are an e-commerce site, you should get dummy
credit cards that only exist in your database). This won't stop you
from getting hacked, but it will at least tell you when a hack has
happened. (I suspect that this isn't the first time phpbb has been
hacked – just the first time it's been made public).

Canary accounts are a great idea (and it's a great name for the concept). I believe there was a company out there at one point that would do this for individuals and their email addresses, and I've talked to a few folks who have used the concept in databases. It requires good planning to ensure that all business processes are factored into managing the accounts.
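To make the recommendation concrete, here is an added example (not code from the original post or from Errata Security) of how a canary registry can be planted into a database and later matched against inbound mail to tell which table leaked. The domain, the name lists used to make addresses look ordinary, and the in-memory registry are assumptions for illustration; a real deployment would keep the registry somewhere other than the database it protects.

```python
"""Canary e-mail accounts: plant addresses that receive no legitimate mail,
then match inbound spam against them to learn which dataset leaked.

Added example; not from the original post. Domain, name lists and the
in-memory registry are assumptions for illustration.
"""
import secrets
from datetime import datetime, timezone
from email import message_from_string
from email.utils import getaddresses

# Constructed word lists so planted addresses look like ordinary users rather
# than obvious "canary@" tokens an attacker could strip before mailing a dump.
_FIRST = ("alice", "bruno", "carla", "dmitri", "elena", "farid", "greta", "hugo")
_LAST = ("moreno", "okafor", "petrov", "quinn", "rossi", "sato", "tanaka", "ullman")


class CanaryRegistry:
    """Maps planted canary addresses to the dataset each one was seeded into.

    Keep this registry outside the database it protects: if it lives in the
    same dump, an attacker can remove the canaries before using the list.
    """

    def __init__(self, domain="example.com"):
        self.domain = domain
        self._by_address = {}  # lowercase address -> (dataset, planted_at)

    def plant(self, dataset):
        """Create a fresh, random-looking canary address for `dataset` and record it."""
        while True:
            number = secrets.randbelow(90) + 10  # two digits, 10..99
            local = f"{secrets.choice(_FIRST)}.{secrets.choice(_LAST)}{number}"
            address = f"{local}@{self.domain}".lower()
            if address not in self._by_address:  # avoid reusing an address
                break
        self._by_address[address] = (dataset, datetime.now(timezone.utc))
        return address

    def planted_in(self, address):
        """Return the dataset a canary belongs to, or None if it is not a canary."""
        entry = self._by_address.get(address.strip().lower())
        return entry[0] if entry else None

    def check_message(self, raw_message):
        """Return [(dataset, address), ...] for every canary the message targets.

        Reads the recipient headers an MTA leaves on delivered mail; any mail
        at all to a canary is evidence that the dataset holding it has leaked.
        """
        msg = message_from_string(raw_message)
        headers = []
        for name in ("To", "Cc", "Bcc", "Delivered-To", "X-Original-To"):
            headers.extend(msg.get_all(name, []))
        hits = []
        for _, addr in getaddresses(headers):
            dataset = self.planted_in(addr)
            if dataset and (dataset, addr.lower()) not in hits:
                hits.append((dataset, addr.lower()))
        return hits


def demo():
    """Plant one canary per table, then run a constructed spam through the check."""
    registry = CanaryRegistry()
    customer_canary = registry.plant("customers")
    newsletter_canary = registry.plant("newsletter_subscribers")

    # Constructed message, shaped like a spam run hitting the leaked customers table.
    spam = (
        "From: deals@cheap-pharma.invalid\n"
        f"To: {customer_canary}\n"
        f"Delivered-To: {customer_canary}\n"
        "Subject: Exclusive offer\n"
        "\n"
        "Buy now.\n"
    )
    hits = registry.check_message(spam)
    # hits names the customers table only; the newsletter canary stays quiet.
    return registry, customer_canary, newsletter_canary, hits


if __name__ == "__main__":
    _, _, _, hits = demo()
    for dataset, address in hits:
        print(f"canary {address} received mail: dataset '{dataset}' has leaked")
```

The check is deliberately case-insensitive and deduplicates across headers, since spammers often rewrite recipient casing and an MTA adds its own Delivered-To copy. The same registry idea carries over to the dummy credit cards Graham mentions: the planted value must be one that only your database could have produced, and the lookup must live somewhere the attacker cannot read along with the data.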

  1. February 9, 2009 at 5:43 pm

    Sounds like putting “Rand McNally Avenue” as the street name in some podunk town in your atlas.

