Difference between revisions of "Honeyd"
|Line 6:||Line 6:|
Install Honeyd from the AUR
Install Honeyd from the AUR]
Revision as of 12:25, 26 August 2011
Honeyd is an open source computer program that allows a user to set up and run multiple virtual hosts on a computer network. These virtual hosts can be configured to mimic several different types of servers, allowing the user to simulate an infinite number of computer network configurations. Honeyd is primarily used in the field of computer security by professionals and hobbyists alike.
This page goes over how to get a simple setup up and running. My server uses IP address 192.168.1.10. My honeyd daemon will listen at 10.0.0.1.
Install Honeyd from the AUR.
Create these files:
On your firewall, add the following route:
Destination IP Netmask Gateway 10.0.0.0 255.0.0.0 192.168.1.10
Open up 2 shells on your server. In the first shell, start the honeyd program. In the second shell, use nc to connect to honeyd. The output should be as follows:
There, you have a simple, basic, set up of honeyd. To kill honeyd, issue the command
I would recommend the book "Virtual Honeypots: From Botnet Tracking to Intrusion Detection" by Niels Provos to anybody who would like to really get to know honeyd.