Port 25: Honeypots and User-Mode-Linux (UML)
Jul 25, 2006, 19:00 (4 Talkback[s])
"In technical terms, a honeypot performs a function very similar
to that of a 'honeypot' in the outside world: a sweet lure. A
'honeypot' is a system designed with the purpose of attracting the
attention of prospective attackers, to assess how they are
attempting to infiltrate the machine and what they doing once they
gain access. There are literally thousands of honeypot networks and
systems setup by security professionals and hobbyists worldwide.
These systems can provide a wealth of information into forensics
and assessing trends in network intrusion.
"This is Part One of a two part tech tip, which will address the
setup of User Mode Linux (UML) for honeypot use. Part Two of the
tech tip will cover the containment of intrusions and other
security topics that arise while using UML as a honeypot. Also
addressed in Part two will be the 'forensics' i.e. identifying what
exploits were tried on the honeypot..."