Fun things to do with a Honeypot

Contributed by Alberto Gonzalez and Jason Larsen

Honeypots are a hot topic in the security research community right now. Everyone is starting up their own honeypot system. While most of current literature available on them deals with the potential gains a honeypot can give you, and how to monitor them, not very many of them deal with the mechanics of honeypots themselves.

Most honeypots as deployed from spare parts. Many start as just an extra box someone has lying around. A security savvy technician has slapped an OS on it, checksummed all the files, installed an IDS, and set about waiting for the hackers to arrive. These haphazard kinds of honeypots ignore some of the most interesting capabilities of honeypots. Honeypots can be used to ensnare and beguile potential hackers, entice them to give you more research information, and actively defend a production network.

In this paper, you’ll find some cool and fun things to do with honeypots. We’ll discuss techniques that can be used to create an environment that keeps a hackers interested piqued in your honeypot, will encourage them to upload new toys, and show you how to extract the maximum amount of data from them.

This document is in PDF format. To view it click here.