O'Reilly logo

Virtual Honeypots: From Botnet Tracking to Intrusion Detection by Thorsten Holz, Niels Provos

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 2. High-Interaction Honeypots

2.1 Advantages and Disadvantages

2.2 VMware

2.3 User-Mode Linux

2.4 Argos

2.5 Safeguarding Your Honeypots

2.6 Summary

High-interaction honeypots offer the adversary a full system to interact with. This means that the honeypot does not emulate any services, functionality, or base operating systems. Instead, it provides real systems and services, the same used in organizations today. Thus, the attacker can completely compromise the machine and take control of it. This allows you to learn more about the tools, tactics, and motives of the attacker and get a better understanding of the attacker community. Although these types of honeypots can give you deep insights into the routine procedures of an attacker, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required