ABSTRACT
Focusing on the value of honeypots, they can be subdivided into two general categories viz. production purposes or research purposes. Production purposes honeypots are used for protecting an organization. Their activities include preventing, detecting or helping organizations to respond to an attack. Research purposes honeypots are used for collecting information. Research honeypots are used for different purposes by different organizations. The information collected by them is of different value to different organizations. Some use them to study trends of hacker activity and some are just interested in early warning and prediction of attack, or law enforcement. In general we can say that low interaction honeypots are usually used for production purposes and high interaction honeypots are used for research purposes. However, either type of honeypots can be used for either purpose. While
protecting an organization (production honeypot), honeypots may work in one of three ways; prevention, detection or response.
