Use HoneyD on Linux to Fool Attackers
Jul 23, 2011, 17:00 (0 Talkback[s])
"Firewalls, intrusion detection systems, packet sniffers —
all are important pieces of the puzzle. So too is Honeyd, the
"honeypot daemon." Honeyd simulates the existence of an array of
server and client machines on your network, including typical
traffic between them. The phantom machines can be configured to
mimic the signature and behavior of real operating systems, which
will trick intruders into poking at them — and revealing
themselves to your security staff.
"Current versions of Honeyd can imitate the appearance of more
than 1,000 OSes and their variants, and the profiles used to mimic
the targets are gleaned from the Nmap security scanner. That does
not make them indistinguishable from reality, but it is as close as
you can come."