Chapter 14: Honeypot Services on Linux

In this chapter, we'll be discussing honeypots – fake services that you can deploy to collect attacker activity with a false positive rate of just about zero. We'll discuss various architectures and placement options, as well as the risks of deploying honeypots. A few different honeypot architectures will be discussed as well. This chapter should start you on the path of implementing various "deception" approaches on the network to distract and delay your attackers and provide very high-fidelity logs of attacker activity with almost no false positives.

In this chapter, we'll look at the following topics:

Honeypot overview – what is a honeypot, and why do I want one?
Deployment scenarios and architecture ...

Get Linux for Networking Professionals now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Linux for Networking Professionals by Rob VandenBrink

Chapter 14: Honeypot Services on Linux

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly