Chapter 2. High-Interaction Honeypots
2.1 Advantages and Disadvantages
2.3 User-Mode Linux
2.5 Safeguarding Your Honeypots
High-interaction honeypots offer the adversary a full system to interact with. This means that the honeypot does not emulate any services, functionality, or base operating systems. Instead, it provides real systems and services, the same used in organizations today. Thus, the attacker can completely compromise the machine and take control of it. This allows you to learn more about the tools, tactics, and motives of the attacker and get a better understanding of the attacker community. Although these types of honeypots can give you deep insights into the routine procedures of an attacker, ...