Honeypots & honeynets

Some concepts I learned during a CISA course.

A honeypot is designed to attract hackers. Honeypots have no production value. They are set up specifically for providing advance warning of a real attack, tracking the activity and keystrokes of an attacker, increase knowledge of how hackers attack systems and luring the attacker away from the real network.

A honeynet is used for monitoring a larger and/or more diverse network in which one honeypot may not be sufficient. Honeynets and honeypots are usually implemented as parts of larger network intrusion detection systems.

A honeyfarm is a centralized collection of honeypots and analysis tools.

Leave a Comment