Template:Having Fun With Honeyd
From What The Wiki?!
A honeypot is a closely monitored network decoy serving severalpurposes: it can distract adversaries from more valuable machines ona network, can provide early warning about new attack andexploitation trends, or allow in-depth examination of adversariesduring and after exploitation of a honeypot. As physical honeypotsare often time intensive and expensive, virtual honeypots can easilyscale to thousands of machines. This talk presents recentimprovements in Honeyd, a framework for virtual honeypots thatsimulates virtual computer systems at the network level. Thesimulated computer systems appear to run on unallocated networkaddresses. To deceive network fingerprinting tools, Honeyd simulatesthe networking stack of different operating systems and can providearbitrary routing topologies and services for an arbitrary number ofvirtual systems. This talk discusses fun features of Honeyd'sdesign and how Honeyd can be applied to many areas of systemsecurity, e.g. detecting and disabling worms, distractingadversaries, or preventing the spread of spam email.
