How I Got Started with Honeypots
So, how do you build a honeypot? One advantage to having no documentation was at least I couldn’t do it wrong. Since there were no rules on what a honeypot should be or should look like, whatever I tried was a step in the right direction.
My research began with the only publicly available honeypot at that time: Fred Cohen’s The Deception Toolkit[2]. This a suite of tools written in PERL and C that emulate a variety of services. Installed on a Unix system, DTK, as it is commonly called, is used to both detect attacks and deceive the attacker. I tried out the DTK and found it extremely useful for a first crack at a honeypot. However, I felt limited by the fact that it emulated known vulnerabilities, and supplied ...
Get Honeypots: Tracking Hackers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.