Honeynets

Honeynets [1] are high-interaction honeypots. In fact, it is diffi cult to conceive of a honeypot solution that can offer a greater level of interaction. The concept of a Honeynet is simple. It requires one to build a network of standard production systems. These network systems are placed behind some type of access control device (such as a fi rewall) and keep a track of the network. Attackers can probe, attack, and exploit any system within the Honeynet, giving them full operating systems and applications to interact with. No services are emulated, and no caged environments are created. The systems within a Honeynet can range from a Solaris server running an Oracle database to a Windows XP server running an IIS Web server, a Cisco router. In short, the systems within a Honeynet are true production systems.