Difference between revisions of "Honeyd"

From ArchWiki
Jump to: navigation, search
(Installation: -)
Line 6: Line 6:
Install Honeyd from the AUR. Using yaourt:
Install Honeyd [https://aur.archlinux.org/packages.php?ID=3477 from the AUR].
[user@host ~]# yaourt -S honeyd

Revision as of 12:25, 26 August 2011


Honeyd is an open source computer program that allows a user to set up and run multiple virtual hosts on a computer network. These virtual hosts can be configured to mimic several different types of servers, allowing the user to simulate an infinite number of computer network configurations. Honeyd is primarily used in the field of computer security by professionals and hobbyists alike.

This page goes over how to get a simple setup up and running. My server uses IP address My honeyd daemon will listen at


Install Honeyd from the AUR.


Create these files:



On your firewall, add the following route:

Destination IP 	Netmask 	Gateway

Open up 2 shells on your server. In the first shell, start the honeyd program. In the second shell, use nc to connect to honeyd. The output should be as follows:



There, you have a simple, basic, set up of honeyd. To kill honeyd, issue the command

killall honeyd

I would recommend the book "Virtual Honeypots: From Botnet Tracking to Intrusion Detection" by Niels Provos to anybody who would like to really get to know honeyd.

More Resources