Summary
Honeyd is an OpenSource low-interaction honeypot that introduces several new features. First, it has the capability to monitor the network of millions of systems and assume the identities of thousands of victims at the same time. Using Arpd, the honeypot can even determine which systems are valid and which are nonexistent and then assume the identity of the nonexistent systems on the fly. It also has the capability to emulate operating systems at both the application and IP stack levels. Honeyd’s advantages and disadvantages are summarized in Table 8-1.
| Advantages of Honeyd | Disadvantages of Honeyd |
|---|---|
| Can monitor any UDP or TCP port and entire networks. | As a low-interaction solution, it cannot provide real operating ... |
Get Honeypots: Tracking Hackers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
